Page 1 " " VN/UN764:G" 46/Rqtv"321322Odru"-"6/Rqtv"Ikicdkv" LgvUvtgco"N4"Ocpcigf"Uykvej" " " TGX40302" 3;32233637"...
Page 2 Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other brands and product names are trademarks or registered trademarks of their respective holders. No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from TP-LINK TECHNOLOGIES CO., LTD.
Page 3 EQPVGPVU Rtghceg" 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 3 Ejcrvgt"3 Wukpi"vjg"ENK 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 7 1.1 Accessing the CLI ......................5 1.1.1 Logon by a console port..................5 1.1.2 Logon by Telnet....................6 1.1.3 Logon by SSH....................10 1.2 CLI Command Modes ....................15 1.3 Security Levels ......................18 1.4 Conventions ........................18 1.4.1 Format Conventions ...................18 1.4.2 Special Characters....................18 1.4.3 Parameter Format....................19 Ejcrvgt"4...
Page 4 Ejcrvgt"6 OCE/dcugf"XNCP"Eqoocpfu 000000000000000000000000000000000000000000000000000000000 53 mac-vlan mac-address ......................31 mac-vlan..........................32 show mac-vlan ........................32 show mac-vlan interface......................33 Ejcrvgt"7 Rtqvqeqn/dcugf"XNCP"Eqoocpfu 000000000000000000000000000000000000000000000000000 56 protocol-vlan template ......................34 protocol-vlan vlan ........................35 protocol-vlan..........................35 show protocol-vlan template....................36 show protocol-vlan vlan ......................36 show protocol-vlan interface....................37 Ejcrvgt"8 XNCP/XRP"Eqoocpfu0000000000000000000000000000000000000000000000000000000000000000000000 5: dot1q-tunnel ..........................38 dot1q-tunnel tpid........................38 dot1q-tunnel mapping......................39 switchport dot1q-tunnel mapping...................40...
Page 5 private-vlan association ......................50 switchport private-vlan......................50 switchport private-vlan host-association ................51 switchport private-vlan mapping ....................52 show vlan private-vlan ......................53 Ejcrvgt"; IXTR"Eqoocpfu000000000000000000000000000000000000000000000000000000000000000000000000000000 76 gvrp ............................54 gvrp (interface) ........................54 gvrp registration........................55 gvrp timer ..........................56 show gvrp global ........................57 show gvrp interface .......................57 Ejcrvgt"32 Gvjgtejcppgn"Eqoocpfu 00000000000000000000000000000000000000000000000000000000000000000 7: channel-group ........................58 port-channel load-balance .....................59 lacp system-priority .......................59...
Page 6 ip source binding ........................71 ip source binding index......................72 ip dhcp snooping ........................73 ip dhcp snooping global......................73 ip dhcp snooping information option ..................74 ip dhcp snooping information strategy ...................75 ip dhcp snooping information remote-id.................76 ip dhcp snooping information circuit-id ..................76 ip dhcp snooping trust ......................77 ip dhcp snooping mac-verify....................78 ip dhcp snooping limit rate.....................78 ip dhcp snooping decline .......................79...
Page 7 show ip dos-prevent ......................93 Ejcrvgt"38 KGGG":2403Z"Eqoocpfu 0000000000000000000000000000000000000000000000000000000000000000000 ;6 dot1x system-auth-control .....................94 dot1x auth-method ........................95 dot1x guest-vlan(global) ......................95 dot1x accounting ........................96 dot1x quiet-period........................97 dot1x timeout.........................97 dot1x max-reauth-req ......................98 dot1x............................98 dot1x guest-vlan(interface) ....................99 dot1x port-control ........................100 dot1x port-method .......................100 show dot1x global........................101 show dot1x interface ......................102 Ejcrvgt"39 RRRqG"Ektewkv/KF"Kpugtvkqp"Eqoocpfu 000000000000000000000000000000000000000000325 pppoe circuit-id(global) ......................103...
Page 8 ip ssh timeout ........................115 ip ssh max-client........................115 ip ssh download........................116 show ip ssh.......................... 117 Ejcrvgt"42 UUN"Eqoocpfu 0000000000000000000000000000000000000000000000000000000000000000000000000000000033: ip http secure-server......................118 ip http secure-server download certificate ................118 ip http secure-server download key ..................119 show ip http secure-server ....................120 Ejcrvgt"43 OCE"Cfftguu"Eqoocpfu0000000000000000000000000000000000000000000000000000000000000000343 mac address-table static......................121 mac address-table aging-time .....................122...
Page 9 copy running-config startup-config ..................137 copy startup-config tftp ......................138 copy tftp startup-config ......................138 firmware upgrade ........................139 ping .............................140 tracert ..........................141 loopback interface .......................142 show system-time........................142 show system-time dst ......................143 show system-time ntp......................143 show system-info.........................143 show running-config ......................144 show cable-diagnostics interface..................144 Ejcrvgt"45 KRx8"Cfftguu"Eqphkiwtcvkqp"Eqoocpfu 0000000000000000000000000000000000000000368 ipv6 enable ..........................146 ipv6 address autoconfig.......................146 ipv6 address link-local ......................147...
Page 10 bandwidth ..........................158 clear counters........................159 show interface status......................159 show interface counters.......................160 show interface description ....................161 show interface flowcontrol ....................161 show interface configuration....................162 show storm-control ......................162 show bandwidth........................163 Ejcrvgt"47 SqU"Eqoocpfu00000000000000000000000000000000000000000000000000000000000000000000000000000000386 qos ............................164 qos cos ..........................164 qos dscp ..........................165 qos queue cos-map ......................166 qos queue dscp-map ......................166 qos queue mode........................167 show qos interface ......................168...
Page 11 show loopback-detection global ..................179 show loopback-detection interface ..................180 Ejcrvgt"4; CEN"Eqoocpfu000000000000000000000000000000000000000000000000000000000000000000000000000000003:3 time-range ...........................181 absolute..........................181 periodic..........................182 holiday ..........................183 holiday(global) ........................183 access-list create.........................184 mac access-list........................184 access-list standard......................185 access-list extended ......................186 access-list combined ......................187 rule ............................189 access-list policy name......................190 access-list policy action .......................191 redirect interface........................191 redirect vlan.........................192 s-condition ...........................192 s-mirror ..........................193...
Page 12 revision ..........................202 spanning-tree mst instance ....................203 spanning-tree mst........................204 spanning-tree priority......................204 spanning-tree tc-defend.......................205 spanning-tree timer......................206 spanning-tree hold-count.....................206 spanning-tree max-hops ......................207 spanning-tree bpdufilter.......................208 spanning-tree bpduguard ....................208 spanning-tree guard loop.....................209 spanning-tree guard root .....................209 spanning-tree guard tc......................210 spanning-tree mcheck ......................210 show spanning-tree active....................211 show spanning-tree bridge ....................
Page 13 dldp(global)..........................227 dldp interval .........................227 dldp shut-mode........................228 dldp reset(global).........................228 dldp(interface) ........................229 dldp reset(interface)......................229 show dldp ..........................230 show dldp interface......................230 Ejcrvgt"55 KIOR"Upqqrkpi"Eqoocpfu 000000000000000000000000000000000000000000000000000000000000454 ip igmp snooping(global) .....................232 ip igmp snooping(interface) ....................232 ip igmp snooping immediate-leave ..................233 ip igmp snooping drop-unknown..................233 ip igmp snooping vlan-config ....................234 ip igmp snooping multi-vlan-config ..................235 ip igmp snooping filter add-id....................236 ip igmp snooping filter(global)....................237...
Page 14 ipv6 mld snooping member-aging-time................249 ipv6 mld snooping report-suppression.................249 ipv6 mld snooping unknown-filter ..................250 ipv6 mld snooping last-listener query-inteval...............250 ipv6 mld snooping last-listener query-count ................251 ipv6 mld snooping multicast-vlan..................251 ipv6 mld snooping multicast-vlan vlan-id ................252 ipv6 mld snooping vlan ......................252 ipv6 mld snooping vlan router-aging-time................253 ipv6 mld snooping vlan member-aging-time ................253 ipv6 mld snooping vlan immediate-leave................254 ipv6 mld snooping vlan mrouter...................254...
Page 15 snmp-server community ......................270 snmp-server host.........................271 snmp-server engineID ......................272 snmp-server traps snmp......................273 snmp-server traps security ....................274 snmp-server traps link-status....................275 snmp-server traps........................275 snmp-server traps mac......................276 snmp-server traps vlan ......................277 rmon history.........................278 rmon event ..........................279 rmon alarm ..........................280 show snmp-server .......................282 show snmp-server view .......................282 show snmp-server group .....................282 show snmp-server user .......................283 show snmp-server community.....................283...
Page 16 cluster ndp...........................295 cluster ntdp ..........................296 cluster explore ........................297 cluster..........................297 cluster ip pool ........................298 cluster commander ......................298 cluster manage........................299 cluster member........................299 cluster candidate .........................300 cluster individual........................300 show cluster ndp........................301 show cluster ntdp.........................301 show cluster ........................302 show cluster member ......................302 show cluster manage role....................303 show cluster neighbor......................303 Ejcrvgt"5: CCC"Eqoocpfu 0000000000000000000000000000000000000000000000000000000000000000000000000000000526 aaa enable...........................304...
Page 17 line ssh ..........................317 login authentication(ssh)......................318 enable authentication(ssh) ....................318 ip http login authentication....................319 ip http enable authentication....................320 show aaa global ........................320 Ejcrvgt"5; FJER"Tgnc{"Eqoocpfu 000000000000000000000000000000000000000000000000000000000000000000543 ip dhcp relay ........................321 ip dhcp relay helper-address ....................321 ip dhcp relay information option...................322 ip dhcp relay information strategy..................322 ip dhcp relay information circuit-id ..................323 ip dhcp relay information remote-id ..................323 show ip dhcp relay.......................324...
Page 18 LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rtghceg" This Guide is intended for network administrator to provide referenced information about CLI (Command Line Interface). The device mentioned in this Guide stands for TL-SL5428E 24-Port 10/100Mbps + 4-Port Gigabit JetStream L2 Managed Switch. Qxgtxkgy"qh"vjku"Iwkfg"...
Page 19 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"34<"Dkpfkpi"Vcdng"Eqoocpfu" Provide information about the commands used for binding the IP address, MAC address, VLAN and the connected Port number of the Host together. Besides it also provide information about the commands used for monitoring the process of the Host obtaining the IP address from DHCP server, and record the IP address, MAC address, VLAN and the connected Port number of the Host for automatic binding.
Page 20 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"46<"Gvjgtpgv"Eqphkiwtcvkqp"Eqoocpfu" Provide information about the commands used for configuring the Bandwidth Control, Negotiation Mode, and Storm Control for ethernet ports. Ejcrvgt"47<"SqU"Eqoocpfu" Provide information about the commands used for configuring the QoS function. Ejcrvgt"48<"Rqtv"Okttqt"Eqoocpfu" Provide information about the commands used for configuring the Port Mirror function.
Page 21 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"59<"Enwuvgt"Eqoocpfu" Provide information about the commands used for configuring the Cluster Management function. Ejcrvgt"5:<"CCC"Eqoocpfu" Provide information about the commands used for configuring the AAA function. Ejcrvgt"5;<"FJER"Tgnc{"Eqoocpfu" Provide information about the commands used for configuring the DHCP Relay function.
Page 22 Data bits: 8  Parity: none  Stop bits: 1  Flow control: none  The DOS prompt “TL-SL5428E>” will appear after pressing the Enter button as shown in Figure 1-1. It indicates that you can use the CLI now.
Page 23 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Figure 1-1 Log in the Switch 30304" Nqiqp"d{"Vgnpgv" For Telnet connection, you should also configure the Telnet login mode and login authentication information through console connection. Telnet login has the following two modes. You can choose one according to your needs: Nqikp"nqecn"Oqfg:"It requires username and password, which are both cfokp"by default.
Page 24 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Now, you can logon by Telnet in nqikp"nqecn"mode. Make sure the switch and the PC are in the same LAN. Click Uvctv and type in eof in the Search programs and files window and press the Gpvgt button. Figure 1-3 Run Window Type"vgnpgv"3;4038:0203"in the command prompt"shown as Figure 1-4, and press the Gpvgt button.
Page 25 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Type gpcdng command to enter Privileged EXEC Mode. Figure 1-6 Enter into the Priviledged EXEC Mode Now you can manage your switch with CLI commands through Telnet connection.  Nqikp"Oqfg" Firstly configure the Telnet login mode as “nqikp” and the connection password as 678 in the prompted DOS screen shown in Figure 1-7.
Page 26 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Figure 1-8 Run Window Type"vgnpgv"3;4038:0203"in the command prompt"shown as 错误！未找到引用源。, and press the Gpvgt button. Figure 1-9 Connecting to the Switch You are prompted to enter the connection password 678 you have set through Console port connection, and then you are in User EXEC Mode.
Page 27 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Type gpcdng command to enter Privileged EXEC Mode. Figure 1-11 Enter into the Privileged EXEC Mode Now you can manage your switch with CLI commands through Telnet connection. Pqvg<" You can refer to for detailed commands information Ejcrvgt"33"Wugt"Ocpcigogpv"Eqoocpfu of the Telnet connection configuration.
Page 28 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg  Rcuuyqtf"Cwvjgpvkecvkqp"Oqfg" Open the software to log on to the interface of PuTTY. Enter the IP address of the switch into Jquv"Pcog field; keep the default value 22 in the Rqtv field; select UUJ as the Connection type.
Page 29 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg  Mg{"Cwvjgpvkecvkqp"Oqfg" Select the key type and key length, and generate SSH key. Figure 1-15 Generate SSH Key Pqvg<" The key length is in the range of 512 to 3072 bits. During the key generation, randomly moving the mouse quickly can accelerate the key generation.
Page 30 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg After the key is successfully generated, please save the public key to a TFTP server and save the private key on the local host. Figure 1-16 Save the Generated Key Log on to the switch by Telnet and download the public key file from the TFTP server to the switch, as the following figure shows: Figure 1-17 Download the Public Key...
Page 31 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Pqvg<" The key type should accord with the type of the key file. The SSH key downloading can not be interrupted. After the public key is downloaded, please log on to the interface of PuTTY and enter the IP address for login.
Page 32 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Click Dtqyug"to download the private key file to SSH client software and click Qrgp. Figure 1-19 Download the Private Key After successful authentication, please enter the login user name. If you log on to the switch without entering password, it indicates that the key has been successfully downloaded.
Page 33 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Interface gigabitEthernet, Interface link-aggregation and some other modes, which is shown as the following diagram. The following table gives detailed information about the Accessing path, Prompt of each mode and how to exit the current mode and access the next mode. Oqfg"...
Page 34 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Oqfg" Ceeguukpi"Rcvj" Rtqorv" Nqiqwv"qt"Ceeguu"vjg"pgzv"oqfg Use the kpvgthceg Use the gpf"command or press Evtn-\ to return to Privileged EXEC mode. hcuvGvjgtpgv/ikicdkvGvj VN/UN764:G*eqphki/kh+% gtpgv"port or kpvgthceg Interface Enter gzkv"or"%"command to return to tcpig"hcuvGvjgtpgv/ Configuration Global Configuration mode. VN/UN764:G*eqphki/kh/"...
Page 35 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"jkuvqt{: Displays the commands history.  305" " Ugewtkv{"Ngxgnu" This switch’s security is divided into two levels: User level and Admin level. User level only allows users to do some simple operations in User EXEC Mode; Admin level allows you to monitor, configure and manage the switch in Privileged EXEC Mode, Global Configuration Mode, Interface Configuration Mode and VLAN Configuration Mode.
Page 36 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg If a blank is contained in a character string, single or double quotation marks should be used,  for example ’hello world’, ”hello world”, and the words in the quotation marks will be identified as a string.
Page 37 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"4" Wugt"Kpvgthceg" gpcdng" Fguetkrvkqp" The gpcdng command is used to access Privileged EXEC Mode from User EXEC Mode. U{pvcz" gpcdng" Eqoocpf"Oqfg" User EXEC Mode Gzcorng" If you have set the password to access Privileged EXEC Mode from User EXEC Mode: VN/UN764:G@gpcdng"...
Page 38 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%gpcdng"rcuuyqtf"admin" fkucdng" Fguetkrvkqp" The fkucdng command is used to return to User EXEC Mode from Privileged EXEC Mode. U{pvcz" fkucdng" Eqoocpf"Oqfg" Privileged EXEC Mode Gzcorng" Return to User EXEC Mode from Privileged EXEC Mode: VN/UN764:G%fkucdng"...
Page 39 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg gzkv" Fguetkrvkqp" The gzkv command is used to return to the previous Mode from the current Mode. " U{pvcz" gzkv" Eqoocpf"Oqfg" Any Configuration Mode Gzcorng" Return to Global Configuration Mode from Interface Configuration Mode, and then return to Privileged EXEC Mode: VN/UN764:G*eqphki/kh+%gzkv"...
Page 40 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"jkuvqt{" Fguetkrvkqp" The ujqy" jkuvqt{ command is used to show the latest 20 commands you entered since the switch is powered. U{pvcz" ujqy"jkuvqt{" Eqoocpf"Oqfg" Privileged EXEC Mode and any Configuration Mode Gzcorng" Show the commands you have entered before: VN/UN764:G*eqphki/kh+%ujqy"jkuvqt{"...
Page 41 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"5" KGGG":2403S"XNCP"Eqoocpfu" VLAN (Virtual Local Area Network) technology is developed for the switch to divide the LAN into multiple logical LANs flexibly. Hosts in the same VLAN can communicate with each other, regardless of their physical locations. VLAN can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.
Page 42 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kpvgthceg"xncp Fguetkrvkqp" The" kpvgthceg" xncp command is used to create VLAN Interface hereafter to access to Interface VLAN Mode. U{pvcz" kpvgthceg"xncp"vlan-id pq"kpvgthceg"xncp"vlan-id Rctcogvgt" vlan-id —— Specify IEEE 802.1Q VLAN ID, ranging from 1 to 4094. Eqoocpf"Oqfg"...
Page 43 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the description string of the VLAN 2 as “VLAN002”: VN/UN764:G*eqphki+%xncp"2" VN/UN764:G*eqphki/xncp+%pcog"VLAN002" uykvejrqtv"oqfg Fguetkrvkqp" The uykvejrqtv" oqfg command is used to configure the Link Types for the ports. U{pvcz" uykvejrqtv"oqfg { access | trunk | general } Rctcogvgt"...
Page 44 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" vlan-id —— Specify IEEE 802.1Q VLAN ID, ranging from 2 to 4094. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Configure Fast Ethernet port 3 whose link type is “access” to VLAN 2: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/3 VN/UN764:G*eqphki/kh+%uykvejrqtv"ceeguu xncp 2"...
Page 45 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg uykvejrqtv"igpgtcn"cnnqygf"xncp Fguetkrvkqp" The uykvejrqtv" igpgtcn" cnnqygf" xncp command is used to add the desired General port to IEEE 802.1Q VLAN, or to remove a port from the corresponding VLAN. U{pvcz" uykvejrqtv"igpgtcn"cnnqygf"xncp"vlan-list { tagged | untagged }" pq"uykvejrqtv"igpgtcn"cnnqygf"xncp"vlan-list Rctcogvgt"...
Page 46 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" vlan-id —— Specify IEEE 802.1Q VLAN ID, ranging from 1 to 4094. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Specify the PVID of Fast Ethernet port 3 as 1: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv 1/0/3 VN/UN764:G*eqphki/kh+%uykvejrqtv"rxkf 1"...
Page 47 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the brief information of IEEE 802.1Q VLAN: VN/UN764:G*eqphki+%ujqy"xncp"dtkgh" ujqy"xncp Fguetkrvkqp" The ujqy" xncp command is used to display the detailed information of IEEE 802.1Q VLAN.
Page 48 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"6" OCE/dcugf"XNCP"Eqoocpfu" MAC VLAN (Virtual Local Area Network) is the way to classify the VLANs based on MAC address. A MAC address is relative to a single VLAN ID. The untagged packets and the priority-tagged packets coming from the MAC address will be tagged with this VLAN ID.
Page 49 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg oce/xncp" Fguetkrvkqp" The oce/xncp" command is used to enable a port for the MAC-based VLAN feature. Only the port is enabled can the configured MAC-based VLAN take effect. To disable the MAC-based VLAN function, please use pq" oce/xncp" command.
Page 50 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the information of all the MAC-based VLAN entry: VN/UN764:G*eqphki+%ujqy"oce/xncp"cnn" ujqy"oce/xncp"kpvgthceg" Fguetkrvkqp" The ujqy" oce/xncp kpvgthceg command is used to display the port state of MAC-based VLAN. U{pvcz" ujqy"oce/xncp"kpvgthceg" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 51 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"7" Rtqvqeqn/dcugf"XNCP"Eqoocpfu" Protocol VLAN (Virtual Local Area Network) is the way to classify VLANs based on Protocols. A Protocol is relative to a single VLAN ID. The untagged packets and the priority-tagged packets matching the protocol template will be tagged with this VLAN ID.
Page 52 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg rtqvqeqn/xncp"xncp" Fguetkrvkqp" The rtqvqeqn/xncp" xncp command is used to create a Protocol-based VLAN entry. To delete a Protocol-based VLAN entry, please use pq" rtqvqeqn/xncp xncp command. U{pvcz" rtqvqeqn/xncp"xncp"vlan-id vgorncvg"template-idx pq"rtqvqeqn/xncp"xncp group-idx Rctcogvgt" vlan-id —— Specify IEEE 802.1Q VLAN ID, ranging from 1-4094. template-idx ——The number of the Protocol-based VLAN Template.
Page 53 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" rtqvqeqn/xncp" pq"rtqvqeqn/xncp Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable the Protocol-based VLAN feature for the Gigabit Ethernet port 25: VN/UN764:G*eqphki+%kpvgthceg"ikicdkvGvjgtpgv"1/0/25 VN/UN764:G*eqphki/kh+%rtqvqeqn/xncp"...
Page 54 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"rtqvqeqn/xncp"xncp Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display information of the Protocol-based VLAN entry: VN/UN764:G*eqphki+%ujqy rtqvqeqn/xncp"xncp ujqy"rtqvqeqn/xncp"kpvgthceg" Fguetkrvkqp" The ujqy"rtqvqeqn/xncp"kpvgthceg command is used to display port state and of Protocol-based VLAN interface. U{pvcz"...
Page 55 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"8" XNCP/XRP"Eqoocpfu" VLAN-VPN (Virtual Private Network) function, the implement of a simple and flexible Layer 2 VPN technology, allows the packets with VLAN tags of private networks to be encapsulated with VLAN tags of public networks at the network access terminal of the Internet Service Provider. And these packets will be transmitted with double-tag across the public networks.
Page 56 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" num —— The value of Global TPID. It must be 4 Hex integers. By default, it is 8100. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure Global TPID of the VLAN-VPN as 0x9100: VN/UN764:G*eqphki+%fqv3s/vwppgn"vrkf 9100 fqv3s/vwppgn"ocrrkpi Fguetkrvkqp"...
Page 57 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg uykvejrqtv"fqv3s/vwppgn"ocrrkpi Fguetkrvkqp" The uykvejrqtv"fqv3s/vwppgn"ocrrkpi command is used to enable the VLAN Mapping feature for a specified port. To disable the VLAN Mapping feature of this port, please use the pq"uykvejrqtv"fqv3s/vwppgn"ocrrkpi command. By default, the VLAN Mapping feature of all ports is disabled." U{pvcz"...
Page 58 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Configure the Fast Ethernet port 3 as the VPN Up-link ports: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/3 VN/UN764:G*eqphki/kh+%uykvejrqtv"fqv3s/vwppgn"oqfg"wrnkpm" ujqy"fqv3s/vwppgn Fguetkrvkqp" The ujqy" fqv3s/vwppgn command is used to display the global configuration information of the VLAN VPN." U{pvcz" ujqy"fqv3s/vwppgn"...
Page 59 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"fqv3s/vwppgn"ocrrkpi"kpvgthceg" Fguetkrvkqp" The ujqy" fqv3s/vwppgn" ocrrkpi" kpvgthceg command is used to display the VLAN Mapping port enable state of VLAN Mapping" U{pvcz" ujqy"fqv3s/vwppgn"ocrrkpi"kpvgthceg" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the enable state of all VLAN Mapping ports: VN/UN764:G*eqphki+%ujqy"fqv3s/vwppgn"ocrrkpi"kpvgthceg"...
Page 60 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"9" Xqkeg"XNCP"Eqoocpfu" Voice VLANs are configured specially for voice data stream. By configuring Voice VLANs and adding the ports with voice devices attached to voice VLANs, you can perform QoS-related configuration for voice data, ensuring the transmission priority of voice data stream and voice quality.
Page 61 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg pq"xqkeg"xncp"cikpi"vkog Rctcogvgt" time —— Aging time (in minutes) to be set for the Voice VLAN. It ranges from 1 to 43200. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Set the aging time for the Voice VLAN as 1 minute: VN/UN764:G*eqphki+%xqkeg"xncp"cikpi"vkog"1"...
Page 62 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg xqkeg"xncp"oce/cfftguu" Fguetkrvkqp" The xqkeg"xncp"oce/cfftguu command is used to create Voice VLAN OUI. To delete the specified Voice VLAN OUI, please use pq"xqkeg"xncp"oce/cfftguu" command." U{pvcz" xqkeg"xncp"oce/cfftguu"mac-addr"ocum"mask"[fguetkrvkqp"descript] pq"xqkeg"xncp"oce/cfftguu"mac-addr Rctcogvgt" mac-addr —— The OUI address of the voice device, in the format of XX:XX:XX:XX:XX:XX.
Page 63 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" manual | auto —— Port mode. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Configure the Fast Ethernet port 3 to operate in the auto voice VLAN mode: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/3 VN/UN764:G*eqphki/kh+%uykvejrqtv"xqkeg"xncp"oqfg"auto"...
Page 64 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"xqkeg"xncp" " Fguetkrvkqp" The ujqy" xqkeg" xncp" command is used to display the global configuration information of Voice VLAN. U{pvcz" ujqy"xqkeg"xncp" " Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the configuration information of Voice VLAN globally: VN/UN764:G*eqphki+%ujqy"xqkeg"xncp"...
Page 65 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"xqkeg"xncp"uykvejrqtv" Fguetkrvkqp" The ujqy"xqkeg"xncp"uykvejrqtv command is used to display the configuration information of all the ports or one specified port in the Voice VLAN. U{pvcz" ujqy"xqkeg"xncp"uykvejrqtv"[hcuvGvjgtpgv"port | ikicdkvGvjgtpgv"port] Rctcogvgt" port ——The Fast/Gigabit Ethernet port number selected to display the configuration information.
Page 66 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt":" Rtkxcvg"XNCP"Eqoocpfu" Private VLANs are configured specially for saving VLAN resource of uplink devices and decreasing broadcast. rtkxcvg/xncp"rtkoct{" Fguetkrvkqp" The rtkxcvg/xncp"rtkoct{"command is used to configure the designated VLAN as the primary VLAN of the Private VLAN. To abolish the currently primary VLAN, please use pq"rtkxcvg/xncp rtkoct{"command.
Page 67 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" VLAN Configuration Mode (VLAN) Gzcorng" Configure the VLAN 4 as the community VLAN of the private VLAN: VN/UN764:G*eqphki+%xncp"4 VN/UN764:G*eqphki/xncp+%rtkxcvg/xncp"eqoowpkv{" rtkxcvg/xncp"cuuqekcvkqp" Fguetkrvkqp" The rtkxcvg/xncp" cuuqekcvkqp" command is used to associate primary VLAN with secondary VLAN. To exterminate the currently association, please use pq" rtkxcvg/xncp cuuqekcvkqp"command.
Page 68 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" uykvejrqtv"rtkxcvg/xncp"{ promiscuous | host"} pq"uykvejrqtv"rtkxcvg/xncp"{ promiscuous | host"} Rctcogvgt" promiscuous | host —— Configure the private VLAN mode for the switchport. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 69 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Configure host type Fast Ethernet port 3 as a member of primary VLAN 3 and secondary VLAN 4: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/3 VN/UN764:G*eqphki/kh+%uykvejrqtv"rtkxcvg/xncp"jquv/cuuqekcvkqp"3 4" uykvejrqtv"rtkxcvg/xncp"ocrrkpi" Fguetkrvkqp" The uykvejrqtv"rtkxcvg/xncp"ocrrkpi"command is used to add promiscuous type port to private VLAN. To remove the port from Private VLAN, please use pq" uykvejrqtv"rtkxcvg/xncp"ocrrkpi command.
Page 70 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"xncp"rtkxcvg/xncp" Fguetkrvkqp" The" ujqy" xncp" rtkxcvg/xncp" command is used to display the Private VLAN configuration information of the switch. U{pvcz" ujqy"xncp"rtkxcvg/xncp Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the configuration information of all Private VLAN: VN/UN764:G*eqphki+%ujqy"xncp"rtkxcvg/xncp"...
Page 71 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt";" IXTR"Eqoocpfu" GVRP (GARP VLAN registration protocol) is an implementation of GARP (generic attribute registration protocol). GVRP allows the switch to automatically add or remove the VLANs via the dynamic VLAN registration information and propagate the local VLAN registration information to other switches, without having to individually configure each VLAN.
Page 72 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEhternet) Gzcorng" Enable the GVRP function for Fast Ethernet ports 2-6: VN/UN764:G*eqphki+%kpvgthceg"tcpig"hcuvGvjgtpgv 1/0/2-6" VN/UN764:G*eqphki/kh/tcpig+%ixtr" " ixtr"tgikuvtcvkqp" Fguetkrvkqp" The ixtr"...
Page 73 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ixtr"vkogt" Fguetkrvkqp" The ixtr"vkogt command is used to set a GVRP timer for the desired port. To restore to the default setting of a GARP timer, please use pq" ixtr" vkogt command. U{pvcz" ixtr"vkogt"{ leaveall | join | leave } value pq"ixtr"vkogt"[leaveall | join | leave] Rctcogvgt"...
Page 74 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"ixtr"inqdcn" Fguetkrvkqp" The ujqy"ixtr"inqdcn command is used to display the global GVRP status. U{pvcz" ujqy"ixtr"inqdcn" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the global GVRP status: VN/UN764:G*eqphki+%ujqy"ixtr"inqdcn" ujqy"ixtr"kpvgthceg" Fguetkrvkqp" The ujqy"ixtr"kpvgthceg command is used to display the GVRP configuration information of a specified Ethernet port or of all Ethernet ports.
Page 75 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"32" Gvjgtejcppgn"Eqoocpfu" Etherchannel Commands are used to configure LAG and LACP function. LAG (Link Aggregation Group) is to combine a number of ports together to make a single high-bandwidth data path, which can highly extend the bandwidth. The bandwidth of the LAG is the sum of bandwidth of its member port.
Page 76 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg rqtv/ejcppgn"nqcf/dcncpeg" Fguetkrvkqp" The"rqtv/ejcppgn"nqcf/dcncpeg"command is used to configure the Aggregate Arithmetic for LAG. To return to the default configurations, please use" pq" rqtv/ejcppgn"nqcf/dcncpeg command. U{pvcz" rqtv/ejcppgn"nqcf/dcncpeg {src-dst-mac | src-dst-ip} pq"rqtv/ejcppgn"nqcf/dcncpeg Rctcogvgt" src-dst-mac —— The source and destination MAC address. When this option is selected, the Aggregate Arithmetic will be based on the source and destination MAC addresses of the packets.
Page 77 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the LACP system priority as 1024 globally: VN/UN764:G*eqphki+%ncer"u{uvgo/rtkqtkv{ 1024 ncer"rqtv/rtkqtkv{" Fguetkrvkqp" The"ncer"rqtv/rtkqtkv{"command is used to configure the LACP system priority globally. To return to the default configurations, please use" pq" ncer" rqtv/rtkqtkv{ command.
Page 78 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" channel-group-num —— The EtherChannel Group number, ranging from 1 to 14. By default, it is empty, and will display the information of all EtherChannel Groups. detail —— The detailed information of EtherChannel. summary ——...
Page 79 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" channel-group-num —— The EtherChannel Group number, ranging from 1 to 14. By default, it is empty, and will display the information of all LACP groups. internal —— The internal LACP information. neighbor —— The neighbor LACP information. Eqoocpf"Oqfg"...
Page 80 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"33" Wugt"Ocpcig"Eqoocpfu" User Manage Commands are used to manage the user’s logging information by Web, CLI or SSH, so as to protect the settings of the switch from being randomly changed. wugt"pcog" Fguetkrvkqp" The wugt"...
Page 81 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%wugt" pcog" tplink rcuuyqtf password" v{rg admin uvcvwu enable wugt"ceeguu/eqpvtqn"kr/dcugf" Fguetkrvkqp" The wugt" ceeguu/eqpvtqn" kr/dcugf" command is used to limit the IP-range of the users for login. Only the users within the IP-range you set here are allowed to login.
Page 82 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" wugt"ceeguu/eqpvtqn oce/dcugf mac-addr pq"wugt"ceeguu/eqpvtqn Rctcogvgt" mac-addr —— The source MAC address. Only the user with this MAC address is allowed to login. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure that only the user with the MAC address 00:00:13:0A:00:01 is allowed to login: VN/UN764:G*eqphki+%wugt"ceeguu/eqpvtqn"oce/dcugf 00:00:13:0A:00:01 wugt"ceeguu/eqpvtqn"rqtv/dcugf"...
Page 83 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%wugt" ceeguu/eqpvtqn" rqtv/dcugf" kpvgthceg" tcpig" " hcuvGvjgtpgv 1/0/2-6" wugt"ocz/pwodgt" Fguetkrvkqp" The wugt"ocz/pwodgt command is used to configure the maximum login user number at the same time. To cancel the limit on login number, please use pq" wugt"ocz/pwodgt command.
Page 84 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" minutes ——The timeout time, ranging from 5 to 30 in minutes. The value is 10 by default. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the timeout time of the switch as 15 minutes: VN/UN764:G*eqphki+%wugt"kfng/vkogqwv"15 nkpg"...
Page 85 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Enter the Virtual Terminal configuration mode so as to prepare further configurations such as password and login mode for virtual terminal 0 to 5: VN/UN764:G*eqphki+%nkpg"xv{"0 5 rcuuyqtf" Fguetkrvkqp" The" rcuuyqtf command is used to configure the connection password. To clear the password, please use"pq"rcuuyqtf"command.
Page 86 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg nqikp" Fguetkrvkqp" The"nqikp command is used to configure the login of a switch not to use the user name and password. At this situation, a connection password must be set for virtual terminal connection. U{pvcz"...
Page 87 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Configure the login of Console port connection 0 as login local mode: VN/UN764:G*eqphki+%nkpg"eqpuqng 0 VN/UN764:G*eqphki/nkpg+%nqikp"nqecn" ujqy"wugt"ceeqwpv/nkuv" Fguetkrvkqp" The ujqy"wugt"ceeqwpv/nkuv command is used to display the information of the current users. U{pvcz" ujqy"wugt"ceeqwpv/nkuv" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 88 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"34" Dkpfkpi"Vcdng"Eqoocpfu" You can bind the IP address, MAC address, VLAN and the connected Port number of the Host together, which can be the condition for the ARP Inspection and IP verify source to filter the packets.
Page 89 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Bind an ACL entry with the IP 192.168.0.1, MAC 00:00:00:00:00:01, VLAN ID 2 and the Port number 5 manually. And then enable the entry for the ARP detection and IP filter function: VN/UN764:G*eqphki+%kr"uqwteg"dkpfkpi host1 192.168.0.1 00:00:00:00:00:01 xncp 2 kpvgthceg"hcuvGvjgtpgv"1/0/5 both Delete the IP-MAC –VID-PORT entry with the index 5:...
Page 90 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Modify the hostname as “tp-link” of the entry with the index 1: VN/UN764:G*eqphki+%kr"uqwteg"dkpfkpi"kpfgz 1 jquvpcog tp-link kr"fjer"upqqrkpi" Fguetkrvkqp" The"kr"fjer"upqqrkpi command is used to enable DHCP-Snooping function globally. To disable DHCP-Snooping function globally, please use pq" kr" fjer"...
Page 91 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" kr" fjer" upqqrkpi" inqdcn" {" [inqdcn/tcvg global-rate] [fge/vjtgujqnf dec-threshold] [fge/tcvg dec-rate] } pq"kr"fjer"upqqrkpi"inqdcn" Rctcogvgt" global-rate —— The value to specify the maximum amount of DHCP messages that can be forwarded by the switch per second. The excessive messages will be discarded.
Page 92 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg pq"kr"fjer"upqqrkpi"kphqtocvkqp"qrvkqp" Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable the Option 82 function of DHCP Snooping for port 2: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%kr"fjer"upqqrkpi"kphqtocvkqp"qrvkqp kr"fjer"upqqrkpi"kphqtocvkqp"uvtcvgi{" Fguetkrvkqp"...
Page 93 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%kr"fjer"upqqrkpi"kphqtocvkqp"uvtcvgi{"replace kr"fjer"upqqrkpi"kphqtocvkqp"tgoqvg/kf" Fguetkrvkqp" The"kr"fjer"upqqrkpi"kphqtocvkqp"tgoqvg/kf"command is used to enable and configure the customized sub-option Remote ID for the Option 82. To return to default Remote ID for the Option 82, please use pq kr" fjer" upqqrkpi" kphqtocvkqp"tgoqvg/kf"command.
Page 94 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" kr"fjer"upqqrkpi"kphqtocvkqp"ektewkv/kf string pq"kr"fjer"upqqrkpi"kphqtocvkqp"ektewkv/kf" Rctcogvgt" string —— Enter the sub-option Circuit ID, which contains 32 characters at most. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 95 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"fjer"upqqrkpi"oce/xgtkh{" Fguetkrvkqp" The kr"fjer"upqqrkpi"oce/xgtkh{ command is used to enable the MAC Verify feature. To disable the MAC Verify feature, please use pq" kr"fjer" upqqrkpi" oce/xgtkh{ command. There are two fields of the DHCP packet containing the MAC address of the Host.
Page 96 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Set the Flow Control of Fast Ethernet port 2 as 20 pps: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%kr"fjer"upqqrkpi"nkokv"tcvg"20 kr"fjer"upqqrkpi"fgenkpg" Fguetkrvkqp"...
Page 97 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the IP-MAC-VID-PORT binding table: VN/UN764:G*eqphki+%ujqy"kr"uqwteg"dkpfkpi" ujqy"kr"fjer"upqqrkpi" Fguetkrvkqp" The"ujqy"kr"fjer"upqqrkpi command is used to display the running status of DHCP-Snooping. U{pvcz" ujqy"kr"fjer"upqqrkpi" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 98 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the Option 82 configuration status of all Ethernet ports: VN/UN764:G%ujqy"kr"fjer"upqqrkpi"kphqtocvkqp"kpvgthceg" Display the Option 82 configuration status of Fast Ethernet port 5: VN/UN764:G%ujqy" kr" fjer" upqqrkpi" kphqtocvkqp" kpvgthceg" hcuvGvjgtpgv" 1/0/5 ujqy"kr"fjer"upqqrkpi"kpvgthceg" Fguetkrvkqp" The"...
Page 99 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"35" CTR"Kpurgevkqp"Eqoocpfu" ARP (Address Resolution Protocol) Detect function is to protect the switch from the ARP cheating, such as the Network Gateway Spoofing and Man-In-The-Middle Attack, etc. kr"ctr"kpurgevkqp*inqdcn+" Fguetkrvkqp" The kr ctr"kpurgevkqp"command is used to enable the ARP Detection function globally.
Page 100 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEhternet) Gzcorng" Configure the Fast Ethernet ports 2-5 as the Trusted Port: VN/UN764:G*eqphki+%kpvgthceg"tcpig hcuvGvjgtpgv 1/0/2-5 VN/UN764:G*eqphki/kh/tcpig+%kr"ctr"kpurgevkqp"vtwuv kr"ctr"kpurgevkqp*kpvgthceg+" Fguetkrvkqp"...
Page 101 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"ctr"kpurgevkqp"nkokv/tcvg" Fguetkrvkqp" The kr"ctr"kpurgevkqp"nkokv/tcvg command is used to configure the ARP speed of a specified port. To restore to the default speed, please use pq" kr" ctr" kpurgevkqp"nkokv/tcvg command. U{pvcz" kr"ctr"kpurgevkqp"nkokv/tcvg"value pq"kr"ctr"kpurgevkqp"nkokv/tcvg" Rctcogvgt" value ——The value to specify the maximum amount of the received ARP packets per second, ranging from 10 to 100 in pps(packet/second).
Page 102 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Restore Fast Ethernet port 5 to the ARP transmit status: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv 1/0/5 VN/UN764:G*eqphki/kh+%kr"ctr"kpurgevkqp"tgeqxgt" ujqy"kr"ctr"kpurgevkqp" Fguetkrvkqp" The ujqy" kr" ctr" kpurgevkqp command is used to display the ARP detection global configuration including the enable/disable status and the Trusted Port list. U{pvcz"...
Page 103 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%ujqy"kr"ctr"kpurgevkqp"kpvgthceg"hcuvGvjgtpgv"1/0/1" Display the configuration of all Ethernet ports: VN/UN764:G*eqphki+%ujqy"kr"ctr"kpurgevkqp"kpvgthceg" ujqy"kr"ctr"kpurgevkqp"uvcvkuvkeu" Fguetkrvkqp" The"ujqy"kr"ctr"kpurgevkqp"uvcvkuvkeu command is used to display the number of the illegal ARP packets received. U{pvcz" ujqy"kr"ctr"kpurgevkqp"uvcvkuvkeu" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 104 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"36" KR"Xgtkh{"Uqwteg"Eqoocpfu" IP Verify Source is to filter the IP packets based on the IP-MAC Binding entries. Only the packets matched to the IP-MAC Binding rules can be processed, which can enhance the bandwidth utility. kr"xgtkh{"uqwteg"...
Page 105 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"kr"xgtkh{"uqwteg" Fguetkrvkqp" The ujqy"kr"xgtkh{"uqwteg command is used to display the IP Verify Source configuration information. U{pvcz" ujqy"kr"xgtkh{"uqwteg" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the IP Verify Source configuration information: VN/UN764:G*eqphki+%ujqy"kr"xgtkh{"uqwteg"...
Page 106 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"37" FqU"Fghgpf"Eqoocpf" DoS (Denial of Service) Attack is to occupy the network bandwidth maliciously by the network attackers or the evil programs sending a lot of service requests to the Host. With the DoS Defend enabled, the switch can analyze the specific field of the received packets and provide the defend measures to ensure the normal working of the local network.
Page 107 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" ping-rate —— Specify the transmission rate of the Ping packets when the Defend Type Ping Flooding is enabled. The options are 128k、 256k、 512k、 1m、 2m、4m in bps. By default, the value is 128k. Eqoocpf"Oqfg"...
Page 108 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"fqu/rtgxgpv"v{rg" Fguetkrvkqp" The kr"fqu/rtgxgpv"v{rg command is used to select the DoS Defend Type. To disable the corresponding Defend Type, please use pq" kr" fqu/rtgxgpv" v{rg" command. U{pvcz" kr"fqu/rtgxgpv"v{rg"{ land | scan-synfin | xma-scan | null-scan | port-less-1024 | smurf | blat | ping-flood | syn-flood | win-nuke | ping-of-death } pq"...
Page 109 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"fqu/rtgxgpv"fgvgev" Fguetkrvkqp" The"kr"fqu/rtgxgpv"fgvgev command is used to configure the detect time for each DoS attack type except the flooding attack type. U{pvcz" kr"fqu/rtgxgpv"fgvgev detect-time Rctcogvgt" detect-time —— Specify the detect time for each DoS attack type except the flooding attack type, ranging from 1 to 5 in second.
Page 110 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"kr"fqu/rtgxgpv" Fguetkrvkqp" The ujqy"kr"fqu/rtgxgpv command is used to display the DoS information of " the detected DoS attack, including enable/disable status, the DoS Defend Type, the count of the attack, etc. U{pvcz" ujqy"kr"fqu/rtgxgpv" " Eqoocpf"Oqfg"...
Page 111 Authenticator: controls the physical access to the network based on the authentication status of the supplicant. It is usually an 802.1X-supported network device, such as this TP-LINK switch. It acts as an intermediary (proxy) between the supplicant and the authentication server, requesting identity information from the supplicant, verifying that information with the authentication server, and relaying a response to the supplicant.
Page 112 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg fqv3z"cwvj/ogvjqf" Fguetkrvkqp" The fqv3z" cwvj/ogvjqf command is used to configure the Authentication Method of IEEE 802.1X and the default 802.1X authentication method is “eap-md5”. To restore to the default 802.1X authentication method, please use pq fqv3z"cwvj/ogvjqf command.
Page 113 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" fqv3z"iwguv/xncp vid pq"fqv3z"iwguv/xncp" Rctcogvgt" vid —— The VLAN ID needed to enable the Guest VLAN function, ranging from " 2 to 4094. The supplicants in the Guest VLAN can access the specified network source.
Page 114 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg fqv3z"swkgv/rgtkqf" Fguetkrvkqp" The fqv3z"swkgv/rgtkqf command is used to enable the quiet-period function. To disable the function, please use"pq"fqv3z"swkgv/rgtkqf command. U{pvcz" fqv3z"swkgv/rgtkqf" pq"fqv3z"swkgv/rgtkqf" Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Enable the quiet-period function: VN/UN764:G*eqphki+%fqv3z"swkgv/rgtkqf" fqv3z"vkogqwv" Fguetkrvkqp"...
Page 115 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the quiet period as 100 seconds: VN/UN764:G*eqphki+%fqv3z"vkogqwv"swkgv/rgtkqf"100" fqv3z"ocz/tgcwvj/tgs" Fguetkrvkqp" The fqv3z" ocz/tgcwvj/tgs" command is used to configure the maximum transfer times of the repeated authentication request when the server cannot be connected.
Page 116 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" fqv3z" pq"fqv3z" Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable the IEEE 802.1X function for the Fast Ethernet port 1: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/1" VN/UN764:G*eqphki/kh+%fqv3z"...
Page 117 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg fqv3z"rqtv/eqpvtqn" Fguetkrvkqp" The fqv3z" rqtv/eqpvtqn command is used to configure the Control Mode of IEEE 802.1X for the specified port. By default, the control mode is “auto”. To restore to the default configuration, please use" pq" fqv3z" rqtv/eqpvtqn command.
Page 118 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" fqv3z"rqtv/ogvjqf"{ mac-based | port-based } pq"fqv3z"rqtv/ogvjqf" Rctcogvgt" mac-based | port-based ——The control type for the port. mac-based: Any client connected to the port should pass the 802.1X authentication for access. port-based: All the clients connected to the port can access the network on the condition that any one of the clients has passed the 802.1X Authentication.
Page 119 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"fqv3z"kpvgthceg" Fguetkrvkqp" The ujqy"fqv3z"kpvgthceg"command is used to display all ports or the specified port’s configuration information of 801.X. U{pvcz" ujqy"fqv3z"kpvgthceg"[ hcuvGvjgtpgv"port | ikicdkvGvjgtpgv port ]" Rctcogvgt" port —— The Fast/Gigabit Ethernet port number. Display the configuration of all the ports by default.
Page 120 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"39" RRRqG"Ektewkv/KF"Kpugtvkqp"Eqoocpfu" The PPPoE Circuit-ID Insertion feature provides a way to extract a Circuit-ID as an identifier for the authentication, authorization, and accounting (AAA) access requests on an Ethernet interface. When enabled, the switch attaches a tag to the PPPoE discovery packets, which is called the PPPoE Vendor-Specific tag and it contains a unique line identifier.
Page 121 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" rrrqg"ektewkv/kf" pq"rrrqg"ektewkv/kf" Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable the PPPoE Circuit-ID Insertion function for the Fast Ethernet port 1/0/1: VN/UN764:G"*eqphki+%"kpvgthceg"hcuvGvjgtpgv"1/0/1"...
Page 122 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Configure the type of PPPoE Circuit-ID as “mac” for the Fast Ethernet port 1/0/1: VN/UN764:G"*eqphki+%"kpvgthceg"hcuvGvjgtpgv"1/011 VN/UN764:G"*eqphki/kh+%"rrrqg"ektewkv/kf"v{rg"mac" ujqy"rrrqg"ektewkv/kf"inqdcn" Fguetkrvkqp" The" ujqy" rrrqg" ektewkv/kf" inqdcn" command is used to display the global configuration of PPPoE Circuit-ID Insertion function. U{pvcz"...
Page 123 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the configuration information of PPPoE Circuit-ID Insertion function of all Ethernet ports: VN/UN764:G%"ujqy"rrrqg"ektewkv/kf"kpvgthceg" Display the configuration of PPPoE Circuit-ID Insertion function of the Fast Ethernet port 1/0/1 : VN/UN764:G%"ujqy"rrrqg"kpvgthceg"hcuvGvjgtpgv"1/0/1"...
Page 124 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"3:" U{uvgo"Nqi"Eqoocpfu" The log information will record the settings and operation of the switch respectively for you to monitor operation status and diagnose malfunction. nqiikpi"dwhhgt" Fguetkrvkqp" The nqiikpi" dwhhgt" command is used to configure the severity level and the status of the configuration input to the log buffer.
Page 125 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg nqiikpi"hkng"hncuj" Fguetkrvkqp" The nqiikpi"hkng"hncuj command is used to configure the level and the status of the log file input. To disable the logging file flash funtion, please use pq nqiikpi" hkng"hncuj"command. The log file indicates the flash sector for saving system log. The information in the log file will not be lost after the switch is restarted and can be got by the ujqy"nqiikpi"hncuj"command."...
Page 126 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Koogfkcvg—— The system log file in the buffer will be synchronized to the flash immediately. This option will reduce the life of the flash and is not recommended. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Specify the log file synchronization frequency as 10 hours: VN/UN764:G*eqphki+%"nqiikpi"hkng"hncuj"htgswgpe{"rgtkqfke10"...
Page 127 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg engct"nqiikpi" Fguetkrvkqp" The"engct nqiikpi command is used to clear the information in the log buffer and log file. U{pvcz" engct nqiikpi"[ buffer | flash ]" Rctcogvgt" buffer | flash —The output channels: buffer and flash. Clear the information of the two channels, by default.
Page 128 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg priority. Only the log with the same or smaller severity level value will be sent to the corresponding log host. By default, it is 6 indicating that the log information marked with 0–6 will be sent to the log host. Eqoocpf"Oqfg"...
Page 129 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the configuration of the log host 2: VN/UN764:G*eqphki+%ujqy"nqiikpi"nqijquv"2" ujqy"nqiikpi"dwhhgt" Fguetkrvkqp" The ujqy"nqiikpi"dwhhgt command is used to display the log information in the log buffer according to the severity level. U{pvcz"...
Page 130 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg level ——Severity level. There are 8 severity levels marked with values 0-7. The information of levels with priority not lower than the select level will display. Display all the log information in the log file by default. Eqoocpf"Oqfg"...
Page 131 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"3;" UUJ"Eqoocpfu" SSH (Security Shell) can provide the unsecured remote management with security and powerful authentication to ensure the security of the management information. kr"uuj"ugtxgt" Fguetkrvkqp" The" kr uuj" ugtxgt" command is used to enable SSH function. To disable the SSH function, please use pq"kr uuj"ugtxgt"command.
Page 132 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable SSH v2: VN/UN764:G*eqphki+%kr"uuj"xgtukqp"v2 kr"uuj"vkogqwv" Fguetkrvkqp" The"kr"uuj"vkogqwv"command is used to specify the idle-timeout time of SSH. To restore to the factory defaults, please use kr"uuj"vkogqwv"command. U{pvcz" kr"uuj"vkogqwv"value pq"kr"uuj"vkogqwv Rctcogvgt" value — — The Idle-timeout time. During this period, the system will automatically release the connection if there is no operation from the client.
Page 133 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Specify the maximum number of the connections to the SSH server as 3: VN/UN764:G*eqphki+%kr"uuj"ocz/enkgpv"3 kr"uuj"fqypnqcf" Fguetkrvkqp" The" kr" uuj" fqypnqcf" command is used to download the SSH key file from TFTP server.
Page 134 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"kr"uuj" Fguetkrvkqp" The"ujqy"kr"uuj"command is used to display the global configuration of SSH. U{pvcz" ujqy"kr"uuj Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the global configuration of SSH: VN/UN764:G*eqphki+%ujqy"kr"uuj...
Page 135 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"42" UUN"Eqoocpfu" " SSL（Secure Sockets Layer）, a security protocol, is to provide a secure connection for the application layer protocol(e.g. HTTP) based on TCP. Adopting asymmetrical encryption technology, SSL uses key pair to encrypt/decrypt information. A key pair refers to a public key (contained in the certificate) and its corresponding private key.
Page 136 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" ssl-cert —— The name of the SSL certificate which is selected to download to the switch. The length of the name ranges from 1 to 25 characters. The Certificate must be BASE64 encoded. ip-addr ——...
Page 137 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Download an SSL key named ssl-key from TFTP server with the IP address of 192.168.0.146: VN/UN764:G*eqphki+%" kr" jvvr" ugewtg/ugtxgt" fqypnqcf" mg{" ssl-key kr/cfftguu"192.168.0.146 Download an SSL key named ssl-key from TFTP server with the IP address of fe80::1234 VN/UN764:G*eqphki+%"...
Page 138 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"43" OCE"Cfftguu"Eqoocpfu" " MAC address configuration can improve the network security by configuring the Port Security and maintaining the address information by managing the Address Table. oce"cfftguu/vcdng"uvcvke" Fguetkrvkqp" The"oce"cfftguu/vcdng"uvcvke"command is used to add the static MAC address entry.
Page 139 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%pq"oce"cfftguu/vcdng"uvcvke"00:02:58:4f:6c:23 oce"cfftguu/vcdng"cikpi/vkog" Fguetkrvkqp" The"oce"cfftguu/vcdng"cikpi/vkog"command is used to configure aging time for the dynamic address. To return to the default configuration, please use pq" oce"cfftguu/vcdng"cikpi/vkog"command. U{pvcz" oce"cfftguu/vcdng"cikpi/vkog"aging-time pq"oce"cfftguu/vcdng"cikpi/vkog" Rctcogvgt" aging-time —— The aging time for the dynamic address. The value of it can be 0 or ranges from 10 to 630 seconds.
Page 140 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg vid —— The corresponding VLAN ID of the MAC address. It ranges from 1 to 4094. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Add a filtering address entry of which VLAN ID is 1 and MAC address is 00:1e:4b:04:01:5d: VN/UN764:G*eqphki+%oce"cfftguu/vcdng"hknvgtkpi"00:1e:4b:04:01:5d"xkf"1"...
Page 141 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg influence of the aging time and can only be deleted manually too. However, the learned entries will be saved even the switch is rebooted. status —— Enable or disable the Port Security function for a specified port. By default, this function is disabled.
Page 142 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"oce"cfftguu/vcdng"cikpi/vkog" Fguetkrvkqp" The" ujqy" oce" cfftguu/vcdng" cikpi/vkog" command is used to display the Aging Time of the MAC address. U{pvcz" ujqy"oce"cfftguu/vcdng"cikpi/vkog" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the Aging Time of the MAC address: VN/UN764:G*eqphki+%ujqy"oce"cfftguu/vcdng"cikpi/vkog"...
Page 143 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"oce"cfftguu/vcdng"kpvgthceg" " Fguetkrvkqp" The" ujqy" oce" cfftguu/vcdng" kpvgthceg" command is used to display the address configuration of an Ethernet port. U{pvcz" ujqy"oce"cfftguu/vcdng"kpvgthceg"{ hcuvGvjgtpgv port | ikicdkvGvjgtpgv port }" Rctcogvgt" ——" port The Fast/Gigabit Ethernet port number. Eqoocpf"Oqfg"...
Page 144 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"oce"cfftguu/vcdng"cfftguu"mac-addr" Rctcogvgt" mac-addr —— The specified MAC address. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the information of the MAC address 00:00:00:23:00:00: VN/UN764:G*eqphki+%ujqy"oce"cfftguu/vcdng"cfftguu"00:00:00:23:00:00:" ujqy"oce"cfftguu/vcdng"xncp" Fguetkrvkqp" The" ujqy" oce" cfftguu/vcdng" xncp" command is used to display the MAC address configuration of the specified vlan.
Page 145 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"44" U{uvgo"Eqphkiwtcvkqp"Eqoocpfu" System Configuration Commands can be used to configure the system information and system IP of the switch, and to reboot and reset the switch, upgrade the switch system and commands used for device diagnose, including loopback test and cable test.
Page 146 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg UTC-12:00 —— TimeZone for International Date Line West. UTC-11:00 —— TimeZone for Coordinated Universal Time-11. UTC-10:00 —— TimeZone for Hawaii. UTC-09:00 —— TimeZone for Alaska. UTC-08:00 —— TimeZone for Pacific Time(US Canada). UTC-07:00 —— TimeZone for Mountain Time(US Canada). UTC-06:00 ——...
Page 147 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg backup-ntp-server —— The IP address for the Secondary NTP Server. fetching-rate —— Specify the rate fetching time from NTP server. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the system time mode as NTP, the time zone is UTC-12:00, the primary NTP server is 133.100.9.2 and the secondary NTP server is 139.78.100.163, the fetching-rate is 11 hours: VN/UN764:G*eqphki+%u{uvgo/vkog"pvr"UTC-12:00 133.100.9.2 139.79.100.163...
Page 148 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg u{uvgo/vkog"fuv"fcvg" Fguetkrvkqp" The"u{uvgo/vkog"fuv"fcvg"command is used to specify the DST configuration in Date mode. This configuration is one-off in use. By default, the current year is used as the starting time. DST time periods should be within 12 months over one/two year.
Page 149 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg u{uvgo/vkog"fuv"tgewttkpi" " Fguetkrvkqp" The u{uvgo/vkog" fuv" tgewttkpi command is used to specify the DST configuration in recurring mode. This configuration is recurring in use. The time period is not restricted to be within one year. U{pvcz"...
Page 150 U{pvcz" jquvpcog hostname pq"jquvpcog hostname" Rctcogvgt" hostname —— System Name, ranging from 1 to 32 characters. It is the product name by default. Here it is TL-SL5428E. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the system name as TPLINK: VN/UN764:G*eqphki+%jquvpcog TPLINK"...
Page 151 —— Contact Information. It consists of 32 characters at most. It is www.tp-link.com by default. Eqoocpf"Oqfg" Global Configuration Mode" Gzcorng" Configure the system contact information as www.tp-link.com: VN/UN764:G*eqphki+%eqpvcev-kphq"www.tp-link.com kr"ocpcigogpv/xncp" Fguetkrvkqp" The" kr" ocpcigogpv/xncp" command is used to configure the management VLAN, through which you can log on to the switch.
Page 152 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"cfftguu" Fguetkrvkqp" The"kr"cfftguu"command is used to configure the system IP address, Subnet Mask and Default Gateway. To restore to the factory defaults, please use pq"kr" cfftguu" command. This command should be configured in the Interface Configuration Mode of the management VLAN.
Page 153 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable the DHCP Client function when the management VLAN of the switch is VLAN1: VN/UN764:G*eqphki+%"kpvgthceg"xncp"1" VN/UN764:G*eqphki/kh+%"kr"cfftguu/cnnqe"fjer" kr"cfftguu/cnnqe"dqqvr" Fguetkrvkqp" The"kr"cfftguu/cnnqe"dqqvr"command is used to enable the BOOTP Protocol. When the BOOTP Protocol is enabled, the switch will obtain IP address from BOOTP Server.
Page 154 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Reset the software of the switch: VN/UN764:G%tgugv" tgdqqv" Fguetkrvkqp" The tgdqqv" command is used to reboot the Switch. To avoid damage, please don’t turn off the device while rebooting. U{pvcz" tgdqqv" Eqoocpf"Oqfg" Privileged EXEC Mode Gzcorng"...
Page 155 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg eqr{"uvctvwr/eqphki"vhvr" Fguetkrvkqp" The eqr{"uvctvwr/eqphki"vhvr"command is used to backup the configuration file to TFTP server. U{pvcz" eqr{"uvctvwr/eqphki"vhvr kr/cfftguu " ip-addr hkngpcog"name Rctcogvgt" ip-addr —— IP address of the TFTP server. Both IPv4 and IPv6 addresses are supported, for example 192.168.0.1 or fe80::1234.
Page 156 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg name — — Specify the name for the configuration file which would be downloaded. Eqoocpf"Oqfg" Privileged EXEC Mode Gzcorng" Download the configuration file named as config to the switch from TFTP server with the IP 192.168.0.148: VN/UN764:G% eqr{"...
Page 157 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Upgrade the switch system file named as firmware.bin via the TFTP server with the IP address fe80::1234 VN/UN764:G%"hktoyctg"writcfg"kr/cfftguu"fe80::1234"hkngpcog"firmware.bin rkpi" Fguetkrvkqp" The rkpi"command is used to test the connectivity between the switch and one node of the network.
Page 158 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg milliseconds. If there is not any response after 8 times’ Ping test, the connection between the switch and the network device is failed to establish: VN/UN764:G%"rkpi"fe80::1234 ⁄p"8"⁄n"512" vtcegtv" Fguetkrvkqp" The vtcegtv"command is used to test the connectivity of the gateways during its journey from the source to destination of the test data.
Page 159 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg nqqrdcem"kpvgthceg" Fguetkrvkqp" The nqqrdcem"kpvgthceg"command is used to test whether the port is available or not. U{pvcz" nqqrdcem" kpvgthceg" { hcuvGvjgtpgv port | ikicdkvGvjgtpgv port } { internal | external } Rctcogvgt" port —— The Fast/Gigabit Ethernet port number. internal | external ——...
Page 160 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"u{uvgo/vkog"fuv" Fguetkrvkqp" The ujqy" u{uvgo/vkog" fuv" command is used to display the DST time information of the switch. U{pvcz " ujqy"u{uvgo/vkog"fuv" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng " Display the DST time information of the switch VN/UN764:G%ujqy"u{uvgo/vkog"fuv"...
Page 161 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"u{uvgo/kphq Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the system information: VN/UN764:G%ujqy u{uvgo/kphq" ujqy"twppkpi/eqphki" Fguetkrvkqp" The ujqy" twppkpi/eqphki" command is used to display the current operating configuration of the system or of a specified port. U{pvcz"...
Page 162 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" port —— The number of the port which is selected for Cable test. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Show the cable-diagnostics of Gigabit Ethernet port 25: VN/UN764:G%ujqy"ecdng/fkcipquvkeu"kpvgthceg"ikicdkvGvjgtpgv 1/0/25"...
Page 163 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"45" KRx8"Cfftguu"Eqphkiwtcvkqp"Eqoocpfu" The IPv6 address configuration commands are provided in the Interface VLAN Mode. Type" gpcdng" →eqphkiwtg→kpvgthceg" xncp {vlan-id} to enter the Interface Configuration Mode of the management VLAN. By default the management VLAN is VLAN1. You can use the command kr" ocpcigogpv/xncp"...
Page 164 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg configured ipv6 link-local address will be deleted when the autoconfigured ipv6 link-local address takes effect. U{pvcz" krx8"cfftguu"cwvqeqphki" " Eqphkiwtcvkqp"Oqfg" Interface Configuration Mode (interface vlan) Gzcorng" Enable the automatic configuration of the ipv6 link-local address when the management VLAN of the switch is VLAN1: VN/UN764:G*eqphki+%"kpvgthceg"xncp"1"...
Page 165 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg krx8"cfftguu"fjer" Fguetkrvkqp" The" krx8" cfftguu" fjer command is used to enable the DHCPv6 Client function. When this function is enabled, the switch will try to obtain IP from DHCPv6 server. To delete the allocated IP from DHCPv6 server and disable the DHCPv6 Client function, please use"pq"krx8"cfftguu"fjer command.
Page 166 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%"kpvgthceg"xncp"1" VN/UN764:G*eqphki/kh+%"krx8"cfftguu"tc" krx8"cfftguu"gwk/86" Fguetkrvkqp" This command is used to manually configure a global IPv6 address with an extended unique identifier (EUI) in the low-order 64 bits on the interface. Specify only the network prefix. The last 64 bits are automatically computed from the switch MAC address.
Page 167 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg pq"krx8"cfftguu ipv6-addr Rctcogvgt" ipv6-addr —— Global IPv6 address with network prefix, for example 3ffe::1/64. Eqphkiwtcvkqp"Oqfg" Interface Configuration Mode (interface vlan) Gzcorng" Configure the global address 3001::1/64 on the interface: VN/UN764:G*eqphki+%"kpvgthceg"xncp"1" VN/UN764:G*eqphki/kh+%"krx8"cfftguu"3001::1/64" ujqy"krx8"kpvgthceg"xncp" Fguetkrvkqp" This command is used to display the configured ipv6 information of the management vlan,interface, including ipv6 function status, link-local address and global address, ipv6 multicast groups etc.
Page 168 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"46" Gvjgtpgv"Eqphkiwtcvkqp"Eqoocpfu" Ethernet Configuration Commands can be used to configure the Bandwidth Control, Negotiation Mode and Storm Control for Ethernet ports. kpvgthceg"hcuvGvjgtpgv Fguetkrvkqp" The kpvgthceg" hcuvGvjgtpgv" command is used to enter the interface fastEthernet Configuration Mode and configure the corresponding Fast Ethernet port.
Page 169 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Wugt"Iwkfgnkpgu" " Command in the" Kpvgthceg" Tcpig" hcuvGvjgtpgv" Mode is executed independently on all ports in the range. It does not effect the execution on the other ports at all if the command results in an error on one port. Gzcorng"...
Page 170 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt port-list —— The list of Gigabit Ethernet ports. Eqoocpf"Oqfg" Global Configuration Mode Wugt"Iwkfgnkpgu" " Command in the" Kpvgthceg" Tcpig" ikicdkvGvjgtpgv" Mode is executed independently on all ports in the range. It does not affect the execution on the other ports at all if the command results in an error on one port.
Page 171 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujwvfqyp Fguetkrvkqp" The" ujwvfqyp" command is used to disable an Ethernet port. To enable this port again, please use pq"ujwvfqyp"command. U{pvcz" ujwvfqyp" pq"ujwvfqyp" Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 172 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ogfkc/v{rg" Fguetkrvkqp" The"ogfkc/v{rg"command is used to configure the media type of Combo port. For a Combo port, the media type should be configured before you set its speed and mode. U{pvcz" ogfkc/v{rg { rj45 | sfp } Rctcogvgt"...
Page 173 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%kpvgthceg"ikicdkvGvjgtpgv"1/0/25 VN/UN764:G*eqphki/kh+%fwrngz full" urggf" Fguetkrvkqp" The"urggf"command is used to configure the Speed Mode for an Ethernet port. To return to the default configuration, please use pq"urggf"command." U{pvcz" urggf { 10 | 100 | 1000 | auto }" pq"urggf"...
Page 174 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" rate —— Specify the bandwidth for receiving broadcast packets on the port. The packet traffic exceeding the bandwidth will be discarded. By default, the value is “128K”." Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 175 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki/kh+%uvqto/eqpvtqn"ownvkecuv uvqto/eqpvtqn"wpkecuv" Fguetkrvkqp" The" uvqto/eqpvtqn" wpkecuv" command is used to enbale the unicast control function. To disable the unicast control function, please use pq"uvqto/eqpvtqn" wpkecuv"command. Unicast control function allows the switch to filter UL frame in the network.
Page 176 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg pq"dcpfykfvj"{ all | ingress | egress }" Rctcogvgt ingress-rate ——Specify the bandwidth for receiving packets. Range: 1-100000 for the megaport, 1-1000000 for the gigaport. egress-rate —— Specify the bandwidth for sending packets. Range:1-100000 for the megaport, 1- 1000000 for the gigaport.
Page 177 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"kpvgthceg"[hcuvGvjgtpgv port"| ikicdkvGvjgtpgv port]"uvcvwu Rctcogvgt port ——The Fast/Gigabit Ethernet port number. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the connective-status of all Ethernet ports: VN/UN764:G*eqphki+%ujqy"kpvgthceg"uvcvwu" Display the connective-status of Fast Ethernet port 1: VN/UN764:G*eqphki+%ujqy"kpvgthceg"hcuvGvjgtpgv"1/0/1"uvcvwu"...
Page 178 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"kpvgthceg"fguetkrvkqp Fguetkrvkqp" The ujqy"kpvgthceg"fguetkrvkqp"command is used to display the description of all ports or an Ethernet port. U{pvcz" ujqy"kpvgthceg"[hcuvGvjgtpgv port"| ikicdkvGvjgtpgv port]"fguetkrvkqp Rctcogvgt port —— The Fast/Gigabit Ethernet port number. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 179 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"kpvgthceg"eqphkiwtcvkqp Fguetkrvkqp" The ujqy" kpvgthceg" eqphkiwtcvkqp" command is used to display the configurations of an Ethernet port, including Port-status, Flow Control, Negotiation Mode and Port-description. U{pvcz" ujqy"kpvgthceg [ hcuvGvjgtpgv port"| ikicdkvGvjgtpgv port ] eqphkiwtcvkqp Rctcogvgt port ——...
Page 180 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%ujqy" uvqto/eqpvtqn" kpvgthceg" tcpig" hcuvGvjgtpgv" 1/0/4-7" ujqy"dcpfykfvj" Fguetkrvkqp" The ujqy" dcpfykfvj" command is used to display the bandwidth-limit information of Ethernet port. U{pvcz" ujqy"dcpfykfvj" [ kpvgthceg { hcuvGvjgtpgv port" | ikicdkvGvjgtpgv port | tcpig" hcuvGvjgtpgv port-list | tcpig"ikicdkvGvjgtpgv port-list } ]"...
Page 181 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"47" SqU"Eqoocpfu" QoS (Quality of Service) function is used to optimize the network performance. It provides you with network service experience of a better quality. squ" Fguetkrvkqp" The"squ command is used to configure CoS (Class of Service) based on port. To return to the default configuration, please use pq"squ command.
Page 182 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" squ"equ pq"squ"equ Eqoocpf"Oqfg" Global Configuration Mode Wugt"Iwkfgnkpgu" IEEE 802.1P gives the Pri field in IEEE 802.1Q tag a recommended definition. When the mapping relation between IEEE 802.1P Priority and TC egress queue is enabled, the data will be classified into the egress queue based on this mapping relation.
Page 183 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg squ"swgwg"equ/ocr" Fguetkrvkqp" The squ"swgwg"equ/ocr command is used to configure the mapping relation between IEEE 802.1P priority tag/IEEE 802.1Q tag, CoS value and the TC egress queue. To return to the default configuration, please use pq"squ"swgwg" equ/ocr command.
Page 184 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg divide IP datagram into 64 priorities. When DSCP Priority is enabled, IP datagram are mapped to different priority levels based on DSCP priority mode; non-IP datagram with IEEE 802.1Q tag are mapped to different priority levels based on IEEE 802.1P priority mode if IEEE 802.1P Priority is enabled;...
Page 185 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg queues and scheduling algorithms you set. On this switch, the priority levels are labeled as TC0, TC1… TC3. U{pvcz" squ"swgwg"oqfg"{ sp | wrr | sp+wrr | equ } pq"squ"swgwg"oqfg Rctcogvgt" sp —— Strict-Priority Mode. In this mode, the queue with higher priority will occupy the whole bandwidth.
Page 186 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy" squ" kpvgthceg" [ hcuvGvjgtpgv port" | ikicdkvGvjgtpgv port |" tcpig hcuvGvjgtpgv port-list |"tcpig"ikicdkvGvjgtpgv port-list ] " Rctcogvgt" port —— The Fast/Gigabit Ethernet port number. port-list —— The list of Ethernet ports. Eqoocpf"Oqfg"...
Page 187 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"squ"fuer/ocr" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the configuration of DSCP Priority: VN/UN764:G%ujqy squ"fuer/ocr" ujqy"squ"swgwg"oqfg" Fguetkrvkqp" The ujqy"squ"swgwg"oqfg command is used to display the schedule rule of the egress queues. U{pvcz"...
Page 188 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"48" Rqtv"Okttqt"Eqoocpfu" Port Mirror refers to the process of forwarding copies of packets from one port to a monitoring port. Usually, the monitoring port is connected to data diagnose device, which is used to analyze the monitored packets for monitoring and troubleshooting the network.
Page 189 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg oqpkvqt"uguukqp"uqwteg"kpvgthceg" Fguetkrvkqp" " oqpkvqt" uguukqp" uqwteg kpvgthceg command is used to configure the monitored port. To delete the corresponding monitored port, please use" pq oqpkvqt"uguukqp"uqwteg kpvgthceg command. U{pvcz" oqpkvqt" uguukqp" session_num uqwteg kpvgthceg { hcuvGvjgtpgv port-list | ikicdkvGvjgtpgv port-list } mode pq"...
Page 190 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%oqpkvqt" uguukqp 1" uqwteg" kpvgthceg" hcuvGvjgtpgv 1/0/4-5,1/0/7 rx Delete the Fast Ethernet port 4 in monitor session 1 and its configuration: VN/UN764:G*eqphki+%pq" oqpkvqt" uguukqp" 1" uqwteg" kpvgthceg" hcuvGvjgtpgv 1/0/4 rx ujqy"oqpkvqt"uguukqp" " Fguetkrvkqp" The ujqy"...
Page 191 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"49" Rqtv"kuqncvkqp"Eqoocpfu" Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward packets to the ports that are not on its forwarding port list. rqtv"kuqncvkqp"...
Page 192 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"rqtv"kuqncvkqp" Fguetkrvkqp" The ujqy"rqtv"kuqncvkqp command is used to display the forward port list of a port. U{pvcz" ujqy"rqtv"kuqncvkqp"kpvgthceg [ hcuvGvjgtpgv port | ikicdkvGvjgtpgv port ] Rctcogvgt " port —— The number of Ethernet port you want to show its forward port list, in the format of 1/0/2.
Page 193 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"4:" Nqqrdcem"Fgvgevkqp"Eqoocpfu" With loopback detection feature enabled, the switch can detect loops using loopback detection packets. When a loop is detected, the switch will display an alert or further block the corresponding port according to the configuration. nqqrdcem/fgvgevkqp*inqdcn+"...
Page 194 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the interval-time as 50 seconds: VN/UN764:G*eqphki+%nqqrdcem/fgvgevkqp"kpvgtxcn 50" nqqrdcem/fgvgevkqp"tgeqxgt{/vkog" Fguetkrvkqp" The nqqrdcem/fgvgevkqp" tgeqxgt{/vkog command is used to configure the time after which the blocked port would automatically recover to normal status. U{pvcz" nqqrdcem/fgvgevkqp"tgeqxgt{/vkog"recovery-time"...
Page 195 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable the loopback detection function of Gigabit Ethernet ports 25-27: VN/UN764:G*eqphki+%kpvgthceg"tcpig"ikicdkvGvjgtpgv"1/0/25-27 VN/UN764:G*eqphki/kh/tcpig+%nqqrdcem/fgvgevkqp" nqqrdcem/fgvgevkqp"eqphki" Fguetkrvkqp" The nqqrdcem/fgvgevkqp" eqphki command is used to configure the process-mode and recovery-mode for the ports by which the switch copes with the detected loops.
Page 196 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg nqqrdcem/fgvgevkqp"tgeqxgt" Fguetkrvkqp" The"nqqrdcem/fgvgevkqp"tgeqxgt"command is used to remove the block status of selected ports, recovering the blocked ports to normal status, U{pvcz" nqqrdcem/fgvgevkqp"tgeqxgt Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 197 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"nqqrdcem/fgvgevkqp"kpvgthceg" Fguetkrvkqp" The ujqy" nqqrdcem/fgvgevkqp" kpvgthceg command is used to display the configuration of loopback detection function and the status of all ports or of a specified Fast/Gigabit Ethernet port. U{pvcz" ujqy" nqqrdcem/fgvgevkqp" kpvgthceg" [ hcuvGvjgtpgv port | ikicdkvGvjgtpgv port]"...
Page 198 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"4;" CEN"Eqoocpfu" ACL (Access Control List) is used to filter data packets by configuring a series of match conditions, operations and time ranges. It provides a flexible and secured access control policy and facilitates you to control the network security.
Page 199 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg pq"cduqnwvg" Rctcogvgt" start-date —— The start date in Absolute Mode, in the format of MM/DD/YYYY. By default, it is 01/01/2000. end-date —— The end date in Absolute Mode, in the format of MM/DD/YYYY. By default, it is 01/01/2000.
Page 200 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%vkog/tcpig"tSeg1" VN/UN764:G*eqphki/vkog/tcpig+%rgtkqfke" yggm/fcvg" off-day" vkog/unkeg3" 08:30-12:00" jqnkfc{" Fguetkrvkqp" The jqnkfc{ command is used to configure the time-range into Holiday Mode under Time-range Create Configuration Mode. To delete the corresponding Holiday Mode time-range, please use"pq"jqnkfc{ command. U{pvcz"...
Page 201 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Define National Day, configuring the start date as October 1st, and the end date as October 3rd:" VN/UN764:G*eqphki+%jqnkfc{ nationalday uvctv/fcvg 10/01"gpf/fcvg"10/03 ceeguu/nkuv"etgcvg" Fguetkrvkqp" The ceeguu/nkuv" etgcvg command is used to create standard-IP ACL and extend-IP ACL.
Page 202 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" access-list-num —— ACL ID, ranging from 0 to 99. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Create a MAC ACL whose ID is 23: VN/UN764:G*eqphki+%oce"ceeguu/nkuv"23" ceeguu/nkuv"uvcpfctf" Fguetkrvkqp" The ceeguu/nkuv" uvcpfctf command is used to add Standard-IP ACL rule. To delete the corresponding rule, please use pq"ceeguu/nkuv"uvcpfctf command.
Page 203 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg frag —— Enable/Disable Fragment. By default, it is disabled. If Fragment is enabled, this rule will process all the fragments and the last piece of fragment will be always forwarded. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng"...
Page 204 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg destination-ip —— The destination IP address contained in the rule. destination-ip-mask —— The destination IP address mask. It is required if you typed the destination IP address. time-segment —— The time-range for the rule to take effect. By default, it is not limited.
Page 205 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ceeguu/nkuv" eqodkpgf" acl-id" twng" rule-id" [permit | deny] [[uoce" source-mac_" [uocum" source-mac-mask]] [[foce" destination-mac]" [focum" destination-mac-mask]] [xkf vlan-id] [v{rg"ethertype] [rtk"priority] [[ukr"source-ip] [ukr/ocum" source-ip-mask]] [[fkr destination-ip] [focum destination-ip-mask]] [htci {disable | enable}] [vugi"time-segment] pq ceeguu/nkuv"dkpf eqodkpgf"acl-id"twng"rule-id Rctcogvgt"...
Page 206 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Create a combined ACL whose ID is 320, and add Rule 10 for it. In the rule, the source IP address is 192.168.0.100, the source IP address mask is 255.255.255.0, the time-range for the rule to take effect is tSeg1, and the packets match this rule will be forwarded by the switch: VN/UN764:G*eqphki+%ceeguu/nkuv"etgcvg"320"...
Page 207 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg time-segment —— The time-range for the rule to take effect. By default, it is not limited. Eqoocpf"Oqfg" Mac Access-list Configuration Mode Gzcorng" Create a MAC ACL whose ID is 20, and add Rule 10 for it. In the rule, the source MAC address is 00:01:3F:48:16:23, the source MAC address mask is 11:11:11:11:11:00, VLAN ID is 2, the user priority is 5, the time-range for the rule to take effect is tSeg1, and the packets match this rule will be forwarded by the...
Page 208 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ceeguu/nkuv"rqnke{"cevkqp" Fguetkrvkqp" The" ceeguu/nkuv" rqnke{" cevkqp" command is used to add ACLs and create actions for the policy. To set the detailed configuration of actions for a policy, please use ceeguu/nkuv"rqnke{"cevkqp command to access Action Configuration Mode.
Page 209 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Edit the actions for policy1. Forward the data packets matching ACL 120 in the policy to Fast Ethernet port 2: VN/UN764:G*eqphki+%ceeguu/nkuv"rqnke{"cevkqp"policy1 120" VN/UN764:G*eqphki/cevkqp+%tgfktgev"kpvgthceg"hcuvGvjgtpgv"1/0/2" tgfktgev"xncp" Fguetkrvkqp" The" tgfktgev" xncp" command is used to configure Direction function of policy action for specified VLAN.
Page 210 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg osd —— Out of Band disposal of Stream Condition. It is the disposal way of the data packets those are transmitted beyond the rate. There are two options, “none” and “discard”. By default, the option is “none”. Eqoocpf"Oqfg"...
Page 211 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg squ/tgoctm"fuer dscp rtkqtkv{ pri pq"squ/tgoctm Rctcogvgt" dscp —— DSCP of QoS Remark. Specify the DSCP region for the data packets matching the corresponding ACL. DSCP ranges from 0 to 63. By default, it is not limited. pri ——...
Page 212 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ceeguu/nkuv"dkpf*xncp+" Fguetkrvkqp" The ceeguu/nkuv"dkpf command is used to bind a policy to a VLAN. To cancel the bind relation, please use pq"ceeguu/nkuv"dkpf command. U{pvcz" ceeguu/nkuv"dkpf"policy-name pq ceeguu/nkuv"dkpf policy-name Rctcogvgt" policy-name —— The name of the policy desired to bind. Eqoocpf"Oqfg"...
Page 213 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"jqnkfc{" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the defined holidays: VN/UN764:G%ujqy"jqnkfc{ ujqy"ceeguu/nkuv" Fguetkrvkqp" The ujqy"ceeguu/nkuv"command is used to display configuration of ACL. U{pvcz" ujqy"ceeguu/nkuv"[acl-id]" Rctcogvgt" acl-id —— The ID of the ACL selected to display the configuration. Eqoocpf"Oqfg"...
Page 214 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the information of a policy named policy1: VN/UN764:G%ujqy"ceeguu/nkuv"rqnke{ policy1 ujqy"ceeguu/nkuv"dkpf" Fguetkrvkqp" The ujqy" ceeguu/nkuv" dkpf" command is used to display the configuration of Policy bind. U{pvcz" ujqy"ceeguu/nkuv"dkpf" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 215 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"52" OUVR"Eqoocpfu" MSTP (Multiple Spanning Tree Protocol), compatible with both STP and RSTP and subject to IEEE 802.1s, can disbranch a ring network. STP is to block redundant links and backup links as well as optimize paths.
Page 216 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%urcppkpi/vtgg" urcppkpi/vtgg"eqooqp/eqphki" Fguetkrvkqp" The urcppkpi/vtgg" eqooqp/eqphki command is used to configure the parameters of the ports for comparison in the CIST and the common parameters of all instances. To return to the default configuration, please use pq" urcppkpi/vtgg"...
Page 217 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg designated port, they can transit their states to forwarding rapidly to reduce the unnecessary forward delay. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 218 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg urcppkpi/vtgg"ouv"eqphkiwtcvkqp" Fguetkrvkqp" The urcppkpi/vtgg" ouv" eqphkiwtcvkqp command is used to access MST Configuration Mode from Global Configuration Mode, as to configure the VLAN-Instance mapping, region name and revision level. To return to the default configuration of the corresponding Instance, please use pq"...
Page 219 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Map the VLANs 1-100 to Instance 1:" VN/UN764:G*eqphki+%urcppkpi/vtgg"ouv"eqphkiwtcvkqp" VN/UN764:G*eqphki/ouv+%kpuvcpeg"1"xncp"1-100 Disable Instance 1, namely remove all the mapping VLANs 1-100:" VN/UN764:G*eqphki+%urcppkpi/vtgg"ouv"eqphkiwtcvkqp" VN/UN764:G*eqphki/ouv+%pq"kpuvcpeg"1" Remove VLANs 1-50 in mapping VLANs 1-100 for Instance 1:" VN/UN764:G*eqphki+%urcppkpi/vtgg"ouv"eqphkiwtcvkqp" VN/UN764:G*eqphki/ouv+%pq"kpuvcpeg"1"xncp"1-50 pcog"...
Page 220 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgtu" revision —— The revision level for MST region identification, ranging from 0 to 65535. Eqoocpf"Oqfg" MST Configuration Mode" Gzcorng" Configure the revision level of MST as 100:" VN/UN764:G*eqphki+%urcppkpi/vtgg"ouv"eqphkiwtcvkqp" VN/UN764:G*eqphki/ouv+%tgxkukqp 100 urcppkpi/vtgg"ouv"kpuvcpeg" Fguetkrvkqp" The urcppkpi/vtgg"ouv"kpuvcpeg"command is used to configure the priority of MST instance.
Page 221 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg urcppkpi/vtgg"ouv" Fguetkrvkqp" The urcppkpi/vtgg"ouv command is used to configure MST Instance Port. To return to the default configuration of the corresponding Instance Port, please use"pq urcppkpi/vtgg"ouv"command. A port can play different roles in different spanning tree instance.
Page 222 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" urcppkpi/vtgg"rtkqtkv{"pri pq"urcppkpi/vtgg"rtkqtkv{" Rctcogvgt" pri —— Bridge priority, ranging from 0 to 61440. It is 32768 by default. Eqoocpf"Oqfg" Global Configuration Mode" Gzcorng" Configure the bridge priority as 4096:" VN/UN764:G*eqphki+%urcppkpi/vtgg"rtkqtkv{"4096 urcppkpi/vtgg"ve/fghgpf" Fguetkrvkqp" The urcppkpi/vtgg"ve/fghgpf command is used to configure the TC Protect of Spanning Tree globally.
Page 223 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg urcppkpi/vtgg"vkogt" Fguetkrvkqp" The urcppkpi/vtgg" vkogt command is used to configure forward-time, hello-time and max-age of Spanning Tree. To return to the default configurations, please use pq"urcppkpi/vtgg"vkogt"command. U{pvcz" urcppkpi/vtgg" vkogt" {" [hqtyctf/vkog forward-time] [jgnnq/vkog hello-time] [ocz/cig max-age] } pq"urcppkpi/vtgg"vkogt Rctcogvgt"...
Page 224 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" urcppkpi/vtgg"jqnf/eqwpv"value pq"urcppkpi/vtgg"jqnf/eqwpv Rctcogvgt" value —— The maximum number of BPDU packets transmitted per Hello Time interval, ranging from 1 to 20 in pps. By default, it is 5. Eqoocpf"Oqfg" Global Configuration Mode" Gzcorng"...
Page 225 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg urcppkpi/vtgg"drfwhknvgt" Fguetkrvkqp" The urcppkpi/vtgg" drfwhknvgt" command is used to enable the BPDU filter function for a port. With the function enabled, the port can be prevented from receiving and sending any BPDU packets. To disable the BPDU filter function, please use pq"urcppkpi/vtgg"drfwhknvgt command.
Page 226 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%urcppkpi/vtgg"drfwiwctf" urcppkpi/vtgg"iwctf"nqqr" Fguetkrvkqp" The urcppkpi/vtgg"iwctf"nqqr"command is used to enable the Loop Protect function for a port. Loop Protect is to prevent the loops in the network brought by recalculating STP because of link failures and network congestions. To disable the Loop Protect function, please use pq"urcppkpi/vtgg"iwctf"nqqr command.
Page 227 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable the Root Protect function for Fast Ethernet port 2: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%urcppkpi/vtgg"iwctf"tqqv" urcppkpi/vtgg"iwctf"ve" Fguetkrvkqp" The urcppkpi/vtgg" iwctf" ve command is used to enable the TC Protect of Spanning Tree function for a port.
Page 228 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" urcppkpi/vtgg"oejgem" Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable MCheck for Fast Ethernet port 2:" VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%urcppkpi/vtgg"oejgem" ujqy"urcppkpi/vtgg"cevkxg" Fguetkrvkqp" The ujqy" urcppkpi/vtgg" cevkxg command is used to display the active information of spanning-tree.
Page 229 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the bridge parameters:" VN/UN764:G*eqphki+%ujqy"urcppkpi/vtgg"dtkfig" ujqy"urcppkpi/vtgg"kpvgthceg" Fguetkrvkqp" The ujqy" urcppkpi/vtgg" kpvgthceg command is used to display the spanning-tree information of all ports or a specified port. U{pvcz" ujqy" urcppkpi/vtgg kpvgthceg [ hcuvGvjgtpgv port | ikicdkvGvjgtpgv port ]" [edge | ext-cost | int-cost | mode | p2p | priority | role | state | status] Rctcogvgt"...
Page 230 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" port —— The Fast/Gigabit Ethernet port number. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the protect information of all ports:" VN/UN764:G*eqphki+%ujqy"urcppkpi/vtgg"kpvgthceg/ugewtkv{" Display the protect information of Gigabit Ethernet port 25:" VN/UN764:G*eqphki+%ujqy"urcppkpi/vtgg"kpvgthceg/ugewtkv{"ikicdkvGvjgtpgv 1/0/25"...
Page 231 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Display all the ports information of MST Instance 1: VN/UN764:G*eqphki+%ujqy"urcppkpi/vtgg"ouv"kpuvcpeg 1 kpvgthceg"...
Page 232 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"53" Gvjgtpgv"QCO"Eqoocpfu" Ethernet OAM (standing for Operation, Administration, and Maintenance) is Layer 2 protocol that is used for monitoring and troubleshooting Ethernet networks. It can report the network status to network administrators through the OAMPDUs exchanged between two OAM entities. The operation of OAM on an Ethernet interface does not adversely affect data traffic as OAM is a slow protocol with very limited bandwidth potential.
Page 233 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" gvjgtpgv/qco"oqfg { passive | active"} pq"gvjgtpgv/qco"oqfg Rctcogvgt" passive —— Specify the OAM mode as passive. active ——Specify the OAM mode as active. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 234 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg notify —— Enable/Disable the event notification. By default, it is enabled. threshold | window | notify —— The parameter that you want to return to the default configuration. Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng"...
Page 235 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" For error frame event, configure the error threshold as 6 and the event detection interval as 9 seconds on Fast Ethernet port 3: VN/UN764:G*eqphki+%"kpvgthceg"hcuvGvjgtpgv"1/0/3"...
Page 236 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" For error frame period event, configure the error threshold as 6 and the event detection interval as 150000 frames on Fast Ethernet port 4: VN/UN764:G*eqphki+%"kpvgthceg"hcuvGvjgtpgv"1/0/4"...
Page 237 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" For error frame seconds event, configure the error threshold as 8 and the event detection interval as 30 seconds on Fast Ethernet port 5: VN/UN764:G*eqphki+%"kpvgthceg"hcuvGvjgtpgv"1/0/5" VN/UN764:G*eqphki/kh+%" gvjgtpgv/qco" nkpm/oqpkvqt" htcog/ugeqpfu" vjtgujqnf"8"ykpfqy"300" gvjgtpgv/qco"tgoqvg/hcknwtg" Fguetkrvkqp" The ethernet-oam remote-failure command is used to configure whether to notify the link faults or not.
Page 238 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki/kh+%" gvjgtpgv/qco" tgoqvg/hcknwtg" dying-gasp" pqvkh{" disable gvjgtpgv/qco" tgoqvg/nqqrdcem" tgegkxgf/tgoqvg/" nqqrdcem" Fguetkrvkqp" The gvjgtpgv/qco"tgoqvg/nqqrdcem"tgegkxgf/tgoqvg/nqqrdcem command is used to configure the client to process or to ignore the received remote loopback request. To return to the default configurations, please use pq" gvjgtpgv/qco"tgoqvg/nqqrdcem"tgegkxgf/tgoqvg/nqqrdcem command.
Page 239 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg gvjgtpgv/qco"tgoqvg/nqqrdcem" Fguetkrvkqp" The gvjgtpgv/qco"tgoqvg/nqqrdcem"command is used to request the remote peer to start or stop the Ethernet OAM remote loopback mode. U{pvcz" gvjgtpgv/qco"tgoqvg/nqqrdcem"{ start | stop } " Rctcogvgt" start —— Request the remote peer to start the Ethernet OAM remote loopback mode.
Page 240 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" port —— The Fast/Gigabit Ethernet port number. By default, the Ethernet OAM statistics of all ports are cleared. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Clear Ethernet OAM statistics of Fast Ethernet port 3: VN/UN764:G*eqphki+%"...
Page 241 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"gvjgtpgv/qco"eqphkiwtcvkqp" Fguetkrvkqp" The ujqy"gvjgtpgv/qco"eqphkiwtcvkqp"command is used to display Ethernet OAM configuration information. U{pvcz [" kpvgthceg" { ujqy" gvjgtpgv/qco" eqphkiwtcvkqp" hcuvGvjgtpgv" ~" ikicdkvGvjgtpgv } port"] Rctcogvgt port —— The Fast/Gigabit Ethernet port number. By default, the Ethernet OAM configuration information of all ports is displayed.
Page 242 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display Ethernet OAM event log of Fast Ethernet port 2: VN/UN764:G*eqphki+%" ujqy"gvjgtpgv/qco" gxgpv/nqi" kpvgthceg" hcuvGvjgtpgv 1/0/2 ujqy"gvjgtpgv/qco"uvcvkuvkeu" Fguetkrvkqp" The ujqy" gvjgtpgv/qco" uvcvkuvkeu" command is used to display the Ethernet OAM statistics.
Page 243 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy" gvjgtpgv/qco" uvcvwu" " [" kpvgthceg" {" hcuvGvjgtpgv" ~" ikicdkvGvjgtpgv } port"]" Rctcogvgt" port —— The Fast/Gigabit Ethernet port number. By default, the Ethernet OAM status of all ports is displayed. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 244 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"54" FNFR"Eqoocpfu" DLDP (Device Link Detection Protocol) is used to monitor the link state of fiber-optic or twisted-pair Ethernet cables. When a unidirectional link is detected, the corresponding port will be shut down automatically or manually (depending on the shut mode configured).
Page 245 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the interval of sending advertisement packets as 10 seconds: VN/UN764:G*eqphki+%"fnfr"kpvgtxcn"10" fnfr"ujwv/oqfg" Fguetkrvkqp" The fnfr"ujwv/oqfg command is used to configure the shutdown mode when a unidirectional link is detected. U{pvcz" fnfr"ujwv/oqfg"{ auto | manual }" Rctcogvgt"...
Page 246 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Reset the DLDP function globally: VN/UN764:G*eqphki+%"fnfr"tgugv" fnfr*kpvgthceg+" " Fguetkrvkqp" The fnfr command is used to enable the DLDP function of the specified port. To disable it, please use pq"fnfr command. U{pvcz" fnfr" pq"fnfr"...
Page 247 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Reset the DLDP function of ports 2-4: VN/UN764:G"*eqphki+%"kpvgthceg"tcpig"hcuvGvjgtpgv"1/0/2-4" VN/UN764:G"*eqphki/kh/tcpig+%"fnfr"tgugv" ujqy"fnfr" Fguetkrvkqp" The ujqy"fnfr command is used to display the global configuration of DLDP function such as DLDP global state, DLDP interval and shut mode. U{pvcz"...
Page 248 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the configuration and state of all ports: VN/UN764:G%"ujqy"fnfr"kpvgthceg" Display the configuration and state of port 5: VN/UN764:G%"ujqy"fnfr"kpvgthceg"hcuvGvjgtpgv"1/0/5"...
Page 249 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"55" KIOR"Upqqrkpi"Eqoocpfu" IGMP Snooping (Internet Group Management Protocol Snooping) is a multicast control mechanism running on Layer 2 switch. It can effectively prevent multicast groups being broadcasted in the network. kr"kior"upqqrkpi*inqdcn+" Fguetkrvkqp" The kr kior"upqqrkpi"command is used to configure IGMP Snooping globally. To disable the IGMP Snooping function, please use pq"...
Page 250 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable IGMP Snooping function of Gigabit Ethernet port 25: VN/UN764:G*eqphki+%kpvgthceg ikicdkvGvjgtpgv"1/0/25 VN/UN764:G*eqphki/kh+%kr"kior"upqqrkpi" kr"kior"upqqrkpi"koogfkcvg/ngcxg" Fguetkrvkqp" The" kr" kior" upqqrkpi" koogfkcvg/ngcxg" command is used to configure the Fast Leave function for port. To disable the Fast Leave function, please use pq" kr"kior"upqqrkpi"koogfkcvg/ngcxg command.
Page 251 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the operation of processing unknown multicast as “discard”: VN/UN764:G*eqphki+%kr"kior"upqqrkpi"ftqr/wpmpqyp" kr"kior"upqqrkpi"xncp/eqphki" Fguetkrvkqp" The"kr"kior"upqqrkpi"xncp/eqphki command is used to enable VLAN IGMP Snooping function or to modify IGMP Snooping parameters, and to create static multicast IP entry.
Page 252 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg the format of 1/0/2; Gigabit Ethernet port, ranging from 1-4, in the format of 1/0/2. vlan-id —— The VLAN ID of the multicast IP, ranging from 1 to 4094. ip —— The static multicast IP address. port-list ——...
Page 253 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg leave-time —— Leave Time, which is the interval between the switch receiving a leave message from a host and the switch removing the host from the multicast groups. Leave Time ranges from 1 to 30 in seconds. By default, it is 1. port ——...
Page 254 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"kior"upqqrkpi"hknvgt*inqdcn+" Fguetkrvkqp" The"kr"kior"upqqrkpi"hknvgt"command is used to add or modify the multicast filtering IP-range. To delete the multicast filtering IP-range, please use" pq" kr" kior"upqqrkpi"hknvgt command. U{pvcz" kr"kior"upqqrkpi"hknvgt id start-ip end-ip pq kr"kior"upqqrkpi"hknvgt id Rctcogvgt"...
Page 255 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable IGMP Snooping filter function for Gigabit Ethernet port 26: VN/UN764:G*eqphki+%kpvgthceg ikicdkvGvjgtpgv"1/0/26" VN/UN764:G*eqphki/kh+%kr"kior"upqqrkpi"hknvgt" kr"kior"upqqrkpi"hknvgt"oczitqwr" Fguetkrvkqp" The"...
Page 256 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" mode —— Action Mode, with “refuse” and “accept” options. “Refuse” indicates only the multicast packets whose multicast IP is not in the IP-range will be processed, while “accept” indicates only the multicast packets whose multicast IP is in the IP-range will be processed.
Page 257 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"kior"upqqrkpi"swgtkgt"xncp"*igpgtcn"swgt{+" Fguetkrvkqp" The kr" kior" upqqrkpi" swgtkgt" xncp command is used to configure the parameters for IGMP Snooping Querier to send a general query frame. To return to the default configuration, please use pq" kr" kior" upqqrkpi" swgtkgt" xncp"command.
Page 258 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"kior"upqqrkpi"swgtkgt"xncp"*urgekhke"swgt{+" Fguetkrvkqp" The kr" kior" upqqrkpi" swgtkgt" xncp command is used to configure the parameters for IGMP Snooping Querier to send a specific query frame. To return to the default configuration, please use pq" kr" kior" upqqrkpi" swgtkgt" xncp"command.
Page 259 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"kior"upqqrkpi"cwvjgpvkecvkqp" Fguetkrvkqp" The kr" kior" upqqrkpi" cwvjgpvkecvkqp" command is used to enable IGMP Authentication for the desired port. To disable the IGMP Authentication function, please use pq" kr" kior" upqqrkpi" cwvjgpvkecvkqp" command. By default, it is disabled.
Page 260 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G%ujqy"kr"kior"upqqrkpi ujqy"kr"kior"upqqrkpi"kpvgthceg" Fguetkrvkqp" The ujqy" kr" kior" upqqrkpi" kpvgthceg command is used to display the port configuration of IGMP. U{pvcz" ujqy"kr"kior"upqqrkpi"kpvgthceg"{"hcuvGvjgtpgv port | ikicdkvGvjgtpgv port } { basic-config | filter | packet-stat } ujqy"...
Page 261 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg vlan-id ——The VLAN ID selected to display. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the IGMP snooping configuration information of VLAN 2: VN/UN764:G%ujqy"kr"kior"upqqrkpi"xncp 2 ujqy"kr"kior"upqqrkpi"ownvk/xncp" Fguetkrvkqp" The ujqy" kr" kior" upqqrkpi" ownvk/xncp command is used to display the Multicast VLAN configuration.
Page 262 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg dynamic—— Display dynamic multicast groups. dynamic count—— The numbers of all dynamic multicast groups. static—— Display static multicast groups. static count—— The numbers of all static multicast groups. Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 263 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"kr"kior"upqqrkpi"swgtkgt"xncp" Fguetkrvkqp" The ujqy" kr" kior" upqqrkpi" swgtkgt" xncp command is used to display the configurations of IGMP Snooping Querier of the specified VLAN. U{pvcz" ujqy kr"kior"upqqrkpi"swgtkgt"xncp"vlan-list Rctcogvgt" vlan-list ——The ID of the VLAN selected to display the configurations of IGMP Snooping Querier.
Page 264 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy kr"kior"upqqrkpi"swgtkgt Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the IGMP Snooping authentication configurations of all ports: VN/UN764:G*eqphki+%"ujqy kr"kior"upqqrkpi"kpvgthceg"cwvjgpvkecvkqp...
Page 265 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"56" ONF"Upqqrkpi"Eqoocpfu" MLD Snooping (Multicast Listener Discovery Snooping) is a multicast control mechanism running on Layer 2 switch. It can effectively prevent multicast groups being broadcasted in the IPv6 network. krx8"onf"upqqrkpi" Fguetkrvkqp" The krx8" onf" upqqrkpi command is used to enable MLD Snooping function globally.
Page 266 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify MLD Snooping router port aging time as 100 seconds globally: VN/UN764:G*eqphki+%"krx8"onf"upqqrkpi"tqwvgt/cikpi/vkog 100" krx8"onf"upqqrkpi"ogodgt/cikpi/vkog" Fguetkrvkqp" The krx8" onf" upqqrkpi" ogodgt/cikpi/vkog command is used to specify member port aging time globally. The default aging time is 260 seconds. To restore default timer,...
Page 267 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%"pq"krx8"onf"upqqrkpi"tgrqtv/uwrrtguukqp" krx8"onf"upqqrkpi"wpmpqyp/hknvgt" Fguetkrvkqp" The krx8" onf" upqqrkpi" wpmpqyp/hknvgt command is used to enable the unknown multicast packets filter function. To disable this function, please use pq" krx8"onf"upqqrkpi"wpmpqyp/hknvgt command. By default, it is disabled. U{pvcz"...
Page 268 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg krx8"onf"upqqrkpi"ncuv/nkuvgpgt"swgt{/eqwpv" Fguetkrvkqp" The krx8"onf"upqqrkpi"ncuv/nkuvgpgt"swgt{/eqwpv command is used to specify the numbers of Specific Query Message to be sent. The default value is 2. To restore the default number, please use pq" krx8" onf" upqqrkpi" ncuv/nkuvgpgt" swgt{/eqwpv command.
Page 269 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg krx8"onf"upqqrkpi"ownvkecuv/xncp"xncp/kf" Fguetkrvkqp" The krx8" onf" upqqrkpi" ownvkecuv/xncp" xncp/kf command is used to specify the multicast VLAN ID. The default multicast VLAN is VLAN1. To restore the default VLAN, please use pq" krx8" onf" upqqrkpi" ownvkecuv/xncp" xncp/kf" command.
Page 270 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg krx8"onf"upqqrkpi"xncp"tqwvgt/cikpi/vkog" Fguetkrvkqp" The"krx8"onf"upqqrkpi"xncp"tqwvgt/cikpi/vkog command is used to specify router port aging time for a specified VLAN. If this time is set to 0, then the global router port aging time will be used. The default time is 0. To restore the default timer, please use pq"...
Page 271 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the member port aging time as 100 seconds in VLAN 2: VN/UN764:G*eqphki+%"krx8"onf"upqqrkpi"xncp 2"ogodgt/cikpi/vkog 100" krx8"onf"upqqrkpi"xncp"koogfkcvg/ngcxg" Fguetkrvkqp" The"krx8"onf"upqqrkpi"xncp"koogfkcvg/ngcxg command is used to enable the immediate leave function on a specified VLAN. To disable this funciton, please use pq"krx8"onf"upqqrkpi"xncp"koogfkcvg/ngcxg command.
Page 272 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the gigabitEthernet 1/0/2 as static router port in VLAN 2: VN/UN764:G*eqphki+%" krx8" onf" upqqrkpi" xncp 2" otqwvgt" kpvgthceg" ikicdkvGvjgtpgv 1/0/2" krx8"onf"upqqrkpi"xncp"uvcvke" Fguetkrvkqp" The" krx8" onf" upqqrkpi" xncp" uvcvke command is used to configure the static multicast groups.
Page 273 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" krx8"onf"upqqrkpi"swgtkgt"xncp"vlan-id" pq"krx8"onf"upqqrkpi"swgtkgt"xncp"vlan-id" Rctcogvgt" vlan-id —— The VLAN that enables the MLD querier function, ranging from 1 to 4094. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Enable MLD Querier function on VLAN 2: VN/UN764:G*eqphki+%"krx8"onf"upqqrkpi"swgtkgt"xncp 2 krx8"onf"upqqrkpi"swgtkgt"xncp"ocz/tgurqpug/vkog"...
Page 274 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg krx8"onf"upqqrkpi"swgtkgt"xncp"swgt{/kpvgtxcn" Fguetkrvkqp" The" krx8" onf" upqqrkpi" swgtkgt" xncp" swgt{/kpvgtxcn command is used to specify the interval to send the Query Message. The default value is 25 seconds. To restore the default value, please use pq"krx8"onf"upqqrkpi"swgtkgt"xncp" swgt{/kpvgtxcn command.
Page 275 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the source address which sends the Query message as fe80::1234 on VLAN 2: VN/UN764:G*eqphki+%" krx8" onf" upqqrkpi" swgtkgt" xncp" 2" swgt{/uqwteg fe80::1234" krx8"onf"upqqrkpi"hknvgt*inqdcn+" Fguetkrvkqp" The" krx8" onf" upqqrkpi" hknvgt command is used to configure the multicast group filter entries in the format of ip-range.
Page 276 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Interface Configuration Mode Gzcorng" Enable filter function on interface gigabitEthernet 1/0/2: VN/UN764:G*eqphki+%"kpvgthceg"ikicdkvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%"krx8"onf"upqqrkpi"hknvgt" krx8"onf"upqqrkpi"hknvgt/oqfg" Fguetkrvkqp" The" krx8" onf" upqqrkpi" hknvgt/oqfg command is used to configure the filter mode of the interface. The default mode is accept. To restore the default mode, please use pq"krx8"onf"upqqrkpi"hknvgt/oqfg command.
Page 277 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" filter-list —— Specify the filter id list, in format of 1,3,10. Eqoocpf"Oqfg" Interface Configuration Mode Gzcorng" Specify the filter id as 1 and 10 on interface gigabitEthernet 1/0/2: VN/UN764:G*eqphki+%"kpvgthceg"ikicdkvGvjgtpgv"1/0/2" VN/UN764:G*eqphki/kh+%"krx8"onf"upqqrkpi"hknvgt/kf"1,10" krx8"onf"upqqrkpi"ocz/itqwr" Fguetkrvkqp" The"...
Page 278 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Clear the statistics of the MLD packets: VN/UN764:G*eqphki+%"engct"krx8"onf"upqqrkpi"uvcvkuvkeu" ujqy"krx8"onf"upqqrkpi" Fguetkrvkqp" The ujqy" krx8" onf" upqqrkpi command is used to display the global configuration of MLD Snooping. U{pvcz"...
Page 279 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"krx8"onf"upqqrkpi"uvcvke/oecuv" Fguetkrvkqp" The ujqy"krx8" onf" upqqrkpi" uvcvke/oecuv command is used to display the static multicast groups configured by users. U{pvcz" ujqy"krx8"onf"upqqrkpi"uvcvke/oecuv Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display static multicast groups: VN/UN764:G*eqphki+%"ujqy"krx8"onf"upqqrkpi"uvcvke/oecuv"...
Page 280 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg The ujqy" krx8" onf" upqqrkpi" hknvgt command is used to display the filter entries. U{pvcz" ujqy"krx8"onf"upqqrkpi"hknvgt Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the filter entries: VN/UN764:G*eqphki+%"ujqy"krx8"onf"upqqrkpi"hknvgt ujqy"krx8"onf"upqqrkpi"kpvgthceg" Fguetkrvkqp" The ujqy" krx8" onf" upqqrkpi" kpvgthceg command is used to display the interface information of MLD Snooping.
Page 281 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display all filter ids bounded to all interface: VN/UN764:G*eqphki+%"ujqy"krx8"onf"upqqrkpi"kpvgthceg"hknvgt ujqy"krx8"onf"upqqrkpi"swgtkgt" Fguetkrvkqp" The ujqy"krx8"onf"upqqrkpi"swgtkgt command is used to display the Querier configuration of VLAN. U{pvcz" ujqy"krx8"onf"upqqrkpi"swgtkgt"]xncp"vlan-id_ Rctcogvgt"...
Page 282 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Display statistics of MLD packets: VN/UN764:G*eqphki+%"ujqy"krx8"onf"upqqrkpi"uvcvkuvkeu...
Page 283 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"57" UPOR"Eqoocpfu" SNMP (Simple Network Management Protocol) functions are used to manage the network devices for a smooth communication, which can facilitate the network administrators to monitor the network nodes and implement the proper operation. upor/ugtxgt"...
Page 284 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" name —— The entry name of View, ranging from 1 to 16 characters. Each View can include several entries with the same name. mib-oid —— MIB Object ID. It is the Object Identifier (OID) for the entry of View, ranging from 1 to 61 characters.
Page 285 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg smode —— Security Model, with v1、v2c and v3 options. They represent SNMP v1, SNMP v2c and SNMP v3. slev —— The Security Level of SNMP v3 Group. There are three options, including noAuthNoPriv （no authorization and no encryption）、authNoPriv （authorization and no encryption）...
Page 286 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" upor/ugtxgt"wugt"name { local | remote } group-name [uoqfg { v1 | v2c | v3 }] [ungx { noAuthNoPriv | authNoPriv | authPriv }] [eoqfg { none | MD5 | SHA }] [eryf confirm-pwd] [goqfg { none | DES }] [gryf encrypt-pwd] pq"upor/ugtxgt"wugt name Rctcogvgt"...
Page 287 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Add Local User admin to Group group2, and configure the Security Model of the user as v3, the Security Level of the group as authPriv, the Authentication Mode of the user as MD5, the Authentication Password as 11111, the Privacy Mode as DES, and the Privacy Password as 22222: VN/UN764:G*eqphki+%upor/ugtxgt"...
Page 288 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg upor/ugtxgt"jquv" Fguetkrvkqp" The upor/ugtxgt" jquv command is used to add Notification. To delete the corresponding Notification, please use pq" upor/ugtxgt" jquv command. With the Notification function enabled, the switch can initiatively report to the management station about the important events that occur on the Views, which allows the management station to monitor and process the events in time.
Page 289 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg timeout —— The maximum time for the switch to wait for the response from the management station before resending a request, ranging from 1 to 3600 in seconds. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Add a Notification entry, and configure the IP address of the management Host as 192.168.0.146, the UDP port as 162, the User name of the management station as admin, the Security Model of the management station as v2c, the type...
Page 290 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the local engineID as 1234567890, and the remote engineID as abcdef123456: VN/UN764:G*eqphki+%upor/ugtxgt" gpikpgKF" nqecn" 1234567890" tgoqvg" abcdef123456" upor/ugtxgt"vtcru"upor" Fguetkrvkqp" The upor/ugtxgt vtcru" upor command is used to enable SNMP standard traps which include five types: linkup, linkdown, warmstart, coldstart, and auth-failure.
Page 291 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable the linkup trap for the switch: VN/UN764:G*eqphki+%"upor/ugtxgt"vtcru"upor linkup" upor/ugtxgt"vtcru"ugewtkv{" Fguetkrvkqp" The upor/ugtxgt vtcru" ugewtkv{ command is used to enable SNMP security traps which include four types: dhcp-filter, ip-duplicate, ip-mac-binding, and port-access. To disable the sending of SNMP security traps, please use pq" upor/ugtxgt"vtcru"ugewtkv{ command.
Page 292 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable the dhcp-filter trap for the switch: VN/UN764:G*eqphki+%"upor/ugtxgt"vtcru"ugewtkv{ dhcp-filter" upor/ugtxgt"vtcru"nkpm/uvcvwu" Fguetkrvkqp" The upor/ugtxgt" vtcru" nkpm/uvcvwu" command is used to enable SNMP link status trap for the specified port. To disable the sending of SNMP link status trap, please use pq"upor/ugtxgt"vtcru"nkpm/uvcvwu"command.
Page 293 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" bandwidth-control —— Enable bandwidth-control trap. It is sent when the rate limit function is enabled and the bandwidth exceeds the predefined value. cpu —— Allow CPU-related trap. It is sent when CPU usage exceeds the predefined threshold.
Page 294 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Pqvg<" " The upor/ugtxgt" vtcru" oce" command without any parameter is used to enable all the four types of traps. And the pq upor/ugtxgt" vtcru" oce" command without any parameter is used to disable all the four types of traps U{pvcz"...
Page 295 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Pqvg<" " The upor/ugtxgt" vtcru" xncp" command without any parameter is used to enable the both traps. And the pq upor/ugtxgt"vtcru"xncp"command without any parameter is used to disable the the both traps. U{pvcz" upor/ugtxgt"vtcru"xncp"[ create | delete ] pq"upor/ugtxgt"vtcru"xncp [create | delete ] Rctcogvgt"...
Page 296 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" index —— The index number of the entry, ranging from 1 to 12, in the format of 1-3,5. port —— The Fast/Gigabit Ethernet port number. seconds —— The interval to take samplings from the port, ranging from 10 to 3600 in seconds.
Page 297 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg type —— The event type, with “none”, “log”, “notify” and “both” options. “None” indicates no processing, “log” indicates logging the event, “notify” indicates sending trap messages to the management station, and “both” indicates logging the event and sending trap messages to the management station.
Page 298 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg port — — String for the port on which the Alarm entry acts, format as module/slot/port, for example 1/0/24. alarm-variable —— The alarm variable. By default, the option is drop. s-type —— Sample Type, which is the sampling method for the selected variable and comparing the value against the thresholds.
Page 299 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%toqp" cncto 1-3" kpvgthceg" fastEthernet 1/0/2 qypgt owner1 kpvgtxcn"100 ujqy"upor/ugtxgt" Fguetkrvkqp" The ujqy" upor/ugtxgt command is used to display SNMP configuration globally. U{pvcz" ujqy"upor/ugtxgt" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display SNMP configuration globally: VN/UN764:G%ujqy"upor/ugtxgt ujqy"upor/ugtxgt"xkgy"...
Page 300 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the Group table: VN/UN764:G%ujqy"upor/ugtxgt"itqwr" ujqy"upor/ugtxgt"wugt" Fguetkrvkqp" The ujqy"upor/ugtxgt"wugt command is used to display the User table. U{pvcz" ujqy"upor/ugtxgt"wugt" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 301 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ujqy"upor/ugtxgt"jquv" Fguetkrvkqp" The ujqy"upor/ugtxgt"jquv"command is used to display the Host table." U{pvcz" ujqy"upor/ugtxgt"jquv" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the Host table: VN/UN764:G%ujqy"upor/ugtxgt"jquv" ujqy"upor/ugtxgt"gpikpgKF" Fguetkrvkqp" The ujqy"upor/ugtxgt"gpikpgKF command is used to display the engineID of the SNMP.
Page 302 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" index —— The index number of the entry selected to display the configuration, ranging from 1 to 12, in the format of 1-3, 5. You can select more than one entry for each command. By default, the configuration of all history sample entries is displayed.
Page 303 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"toqp"cncto"[index]" Rctcogvgt" index —— The index number of the entry selected to display the configuration, ranging from 1 to 12, in the format of 1-3, 5. You can select more than one entry for each command.
Page 304 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"58" NNFR"Eqoocpfu" LLDP function enables network devices to advertise their own device information periodically to neighbors on the same LAN. The information of the LLDP devices in the LAN can be stored by its neighbor in a standard MIB, so it is possible for the information to be accessed by a Network Management System (NMS) using SNMP.
Page 305 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" multiplier —— Configure the Hold Multiplier parameter. It ranges from 2 to 10. By default, it is 4. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Specify Hold Multiplier as 5: VN/UN764:G*eqphki+%nnfr"jqnf/ownvkrnkgt"5" nnfr"vkogt" Fguetkrvkqp" The nnfr" vkogt command is used to configure the parameters about transmission.
Page 306 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg is, the transmit interval will be shorten to a second, and several LLDPDUs will be sent out (the number of LLDPDUs equals this parameter). The value ranges from 1 to 10 and the default value is 3. Eqoocpf"Oqfg"...
Page 307 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" nnfr"vtcpuokv" pq"nnfr"vtcpuokv" Eqoocpf"Oqfg" Interface Configuration Mode (interface fastEthernet / interface range fastEthernet / interface gigabitEthernet / interface range gigabitEthernet) Gzcorng" Enable Fast Ethernet port 1 to transmit LLDPDU: VN/UN764:G*eqphki+%"kpvgthceg"hcuvGvjgtpgv"1/0/1 VN/UN764:G*eqphki/kh+%nnfr"vtcpuokv" nnfr"upor/vtcr" Fguetkrvkqp" The nnfr"upor/vtcr command is used to enable the port’s SNMP notification.
Page 308 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg nnfr"vnx/ugngev" Fguetkrvkqp" The nnfr" vnx/ugngev command is used to configure TLVs to be included in outgoing LLDPDU. To exclude TLVs, please use pq"nnfr"vnx/ugngev command. By default, All TLVs are included in outgoing LLDPDU. U{pvcz"...
Page 309 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G%ujqy"nnfr" " ujqy"nnfr"kpvgthceg" Fguetkrvkqp" The ujqy"nnfr"kpvgthceg command is used to display LLDP configuration of the corresponding port. By default, the LLDP configuration of all the ports will be displayed. U{pvcz" ujqy"nnfr"kpvgthceg ["hcuvGvjgtpgv"port | ikicdkvGvjgtpgv port] Rctcogvgt"...
Page 310 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the LLDP information of Fast Ethernet port 1: VN/UN764:G%ujqy"nnfr"nqecn/kphqtocvkqp"kpvgthceg"hcuvGvjgtpgv"1/0/1 ujqy"nnfr"pgkijdqt/kphqtocvkqp"kpvgthceg" Fguetkrvkqp" The ujqy" nnfr" pgkijdqt/kphqtocvkqp kpvgthceg command is used to display the neighbor information of the corresponding port. By default, the neighbor information of all the ports will be displayed.
Page 311 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the LLDP statistic information of Fast Ethernet port 1: VN/UN764:G%ujqy"nnfr"vtchhke"kpvgthceg"hcuvGvjgtpgv 1/0/1"...
Page 312 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"59" Enwuvgt"Eqoocpfu" Cluster Management function enables a network administrator to manage the scattered devices in the network via a management device. After a commander switch is configured, management and maintenance operations intended for the member devices in a cluster is implemented by the commander device.
Page 313 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%enwuvgt"pfr" " VN/UN764:G*eqphki+%enwuvgt"pfr"vkogt"jgnnq"50 cikpi"120" enwuvgt"pvfr" Fguetkrvkqp" The enwuvgt"pvfr command is used to configure NTDP globally. To return to the default configuration, please use pq" enwuvgt" pvfr command. NTDP (Neighbor Topology Discovery Protocol) is used to collect the NDP information and neighboring connection information of each device in a specific network range.
Page 314 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable NTDP function globally, and specify NTDP Hops as 5, NTDP Interval Time as 30 minutes: VN/UN764:G*eqphki+%enwuvgt"pvfr" " VN/UN764:G*eqphki+%enwuvgt"pvfr"vkogt"kpvgtxcn/vkogt"30 VN/UN764:G*eqphki+%enwuvgt"pvfr"jqr"5" enwuvgt"gzrnqtg" Fguetkrvkqp" The enwuvgt" gzrnqtg command is used to enable the topology information collecting function manually.
Page 315 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enable NDP and NTDP function for Fast Ethernet port 5: VN/UN764:G*eqphki+%kpvgthceg"hcuvGvjgtpgv"1/0/5" VN/UN764:G*eqphki/kh+%enwuvgt"pfr"enable"pvfr"enable enwuvgt"kr"rqqn" Fguetkrvkqp" The enwuvgt"kr"rqqn"command is used to create a new cluster. If no specified cluster name is set through enwuvgt"eqoocpfgt command, the newly created cluster will enjoy the system default name “tplink-cluster”.
Page 316 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the newly created cluster name as tp: VN/UN764:G*eqphki+%enwuvgt"eqoocpfgt"tp" enwuvgt"ocpcig" Fguetkrvkqp" The enwuvgt"ocpcig command is used to configure the hold time and interval to send handshake packets of the cluster. To return to the default configuration, please use pq"enwuvgt"ocpcig"command.
Page 317 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" enwuvgt"ogodgt {oce/cfftguu"mac-address} pq"enwuvgt"ogodgt"{oce/cfftguu"mac-address}" Rctcogvgt" mac-address" ——" The MAC address of the member switch desired to join in or to be deleted from the cluster. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Add the switch whose MAC address is 0e-3f-4g-5e-6d-7b to the cluster: VN/UN764:G*eqphki+%enwuvgt"ogodgt"oce"cfftguu"0e-3f-4g-5e-6d-7b"...
Page 318 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Specify the current switch as individual switch: VN/UN764:G*eqphki+%enwuvgt"kpfkxkfwcn" ujqy"enwuvgt"pfr" Fguetkrvkqp" The ujqy"enwuvgt"pfr command is used to display the NDP information. U{pvcz" ujqy" enwuvgt" pfr [" kpvgthceg" [" hcuvGvjgtpgv port" |" ikicdkvGvjgtpgv" port" | vgp/ikicdkvGvjgtpgv port"] ] Rctcogvgt"...
Page 319 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the global information of NTDP: VN/UN764:G%ujqy"enwuvgt"pvfr" Display the NTDP configuration of all Ethernet ports: VN/UN764:G%ujqy"enwuvgt"pvfr"kpvgthceg Display the device table of NTDP: VN/UN764:G%ujqy"enwuvgt"pvfr"fgxkeg/nkuv" ujqy"enwuvgt" " Fguetkrvkqp"...
Page 320 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the member information: VN/UN764:G%ujqy"enwuvgt"ogodgt" ujqy"enwuvgt"ocpcig"tqng" Fguetkrvkqp" The ujqy" enwuvgt" ocpcig" tqng command is used to display the role of the current switch. U{pvcz" ujqy"enwuvgt"ocpcig"tqng Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng"...
Page 321 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"5:" CCC"Eqoocpfu" AAA stands for authentication, authorization and accounting. This feature is used to authenticate users trying to log in to the switch or trying to access the administrative level privilege. Crrnkecdng"Ceeguu"Crrnkecvkqp" " The authentication can be applied on the following access applications: Console, Telnet, SSH and HTTP.
Page 322 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg vcececu/ugtxgt"jquv" Fguetkrvkqp" The vceceu/ugtxgt"jquv"command is used to configure a new TACACS+ server. To delete the specified TACACS+ server, please use pq" vceceu/ugtxgt jquv command. U{pvcz" vceceu/ugtxgt"jquv ip-address ["rqtv port-id ] [ vkogqwv time ] [ mg{ { [ 0 ] string | 7 encryped-string } ] pq"vceceu/ugtxgt"jquv"ip-address Rctcogvgt"...
Page 323 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Configure a TACACS+ server with the IP address as 1.1.1.1, TCP port as 1500, timeout as 6 seconds, and the unencrypted key string as 12345. VN/UN764:G*eqphki+% vceceu/ugtxgt" jquv 1.1.1.1 rqtv 1500 vkogqwv 6 mg{ 12345 ujqy"vceceu/ugtxgt"...
Page 324 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ceev/rqtv port-id —— Specify the UDP destination port for accouting requests. By deault it is 1813. time —— Specify the time in seconds the switch waits for the server’s response before it times out. The time ranges from 1 to 9 seconds. The default is 5 seconds.
Page 325 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg U{pvcz" ujqy"tcfkwu/ugtxgt" Eqoocpf"Oqfg" Privileged EXEC Mode and Any Configuration Mode Gzcorng" Display the information of all the RADIUS servers: VN/UN764:G*eqphki+%"ujqy"tcfkwu/ugtxgt ccc"itqwr" Fguetkrvkqp" This ccc"itqwr"command is used to create AAA server groups to group existing TACACS+/RADIUS servers for authentication.
Page 326 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ugtxgt" Fguetkrvkqp" This ugtxgt"command is used to add the existing server in the defined server group. To remove the specified server from the server group, please use the pq" ugtxgt"command. U{pvcz" ugtxgt"ip-address pq"ugtxgt"ip-address Rctcogvgt"...
Page 327 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki+%"ujqy"ccc"itqwr ccc"cwvjgpvkecvkqp"nqikp" Fguetkrvkqp" This ccc" cwvjgpvkecvkqp" nqikp" command is used to configure a login authentication method list. A method list describes the authentication methods and their sequence to authenticate a user. To delete the specified authentication method list, please use the pq"ccc"cwvjgpvkecvkqp"nqikp"command.
Page 328 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ccc"cwvjgpvkecvkqp"gpcdng" Fguetkrvkqp" This ccc" cwvjgpvkecvkqp" gpcdng" command is used to configure a privilege authentication method list. A method list describes the authentication methods and their sequence to elevate a user’s privilege. To delete the specified authentication method list, please use the pq"...
Page 329 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg ccc"cwvjgpvkecvkqp"fqv3z"fghcwnv" Fguetkrvkqp" This ccc" cwvjgpvkecvkqp" fqv3z" fghcwnv" command is used to configure an 802.1X authentication method list. A method list describes the authentication methods for users’ login in 802.1X. To delete the default authentication method list, please use the pq"ccc"cwvjgpvkecvkqp"fqv3z"fghcwnv"command."...
Page 330 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Configure the default 802.1X accounting method as “radius1”: VN/UN764:G*eqphki+%"ccc"ceeqwpvkpi"fqv3z"fghcwnv"radius1 ujqy"ccc"cwvjgpvkecvkqp" Fguetkrvkqp" This ujqy" ccc" cwvjgpvkecvkqp" command is used to display the summary information of the authentication login, enable and dot1x metheod list. U{pvcz"...
Page 331 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Display the information of the default 802.1X accounting method list: VN/UN764:G*eqphki+%"ujqy"ccc"ceeqwpvkpi nkpg"eqpuqng" Fguetkrvkqp" The" nkpg eqpuqng command is used to enter the Line Configuration Mode configure the console port to which you want to apply the authentication list. U{pvcz"...
Page 332 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" method-list —— Specify the login method list on the console port. It is “default” by default, which contains the method “local”. Eqoocpf"Oqfg" Line Configuration Mode Gzcorng" Configure the login authentication method list on the console port as “list1”: VN/UN764:G*eqphki+%"nkpg"eqpuqng 0 VN/UN764:G*eqphki/nkpg+%"nqikp"cwvjgpvkecvkqp"list1 gpcdng"cwvjgpvkecvkqp*eqpuqng+"...
Page 333 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg nkpg"vgnpgv" Fguetkrvkqp" The" nkpg vgnpgv command is used to enter the Line Configuration Mode configure the telnet terminal line to which you want to apply the authentication list. U{pvcz" nkpg"vgnpgv Eqoocpf"Oqfg" Global Configuration Mode Gzcorng"...
Page 334 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg VN/UN764:G*eqphki/nkpg+%"nqikp"cwvjgpvkecvkqp"list1 gpcdng"cwvjgpvkecvkqp*vgnpgv+" Fguetkrvkqp" The" gpcdng" cwvjgpvkecvkqp command is used to apply the privilege authentication method list to the telnet terminal line. To restore to the default authentication method list, please use the pq"gpcdng"cwvjgpvkecvkqp"command. U{pvcz"...
Page 335 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Gzcorng" Enter the ssh terminal line configuration mode: VN/UN764:G*eqphki+%nkpg"uuj nqikp"cwvjgpvkecvkqp*uuj+" Fguetkrvkqp" The" nqikp" cwvjgpvkecvkqp command is used to apply the login authentication method list to the ssh terminal line. To restore to the default authentication method list, please use the pq"nqikp"cwvjgpvkecvkqp"command.
Page 336 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Rctcogvgt" method-list —— Specify the enable method list on the ssh terminal line. It is “default” by default, which contains the method “none”. Eqoocpf"Oqfg" Line Configuration Mode Gzcorng" Configure the enable authentication method list on the ssh terminal line as “list2”: VN/UN764:G*eqphki+%"nkpg"uuj VN/UN764:G*eqphki/nkpg+%"gpcdng"cwvjgpvkecvkqp"list2...
Page 337 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg kr"jvvr"gpcdng"cwvjgpvkecvkqp" Fguetkrvkqp" The" kr" jvvr" gpcdng" cwvjgpvkecvkqp command is used to apply the privilege authentication method list to users accessing through HTTP. To restore to the default authentication method list, please use the pq" kr" jvvr" gpcdng" cwvjgpvkecvkqp"command.
Page 338 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Ejcrvgt"5;" FJER"Tgnc{"Eqoocpfu" A DHCP Relay is a Layer 3 device that forwards DHCP packets between clients and servers. DHCP Relay forward requests and replies between clients and servers when they are not on the same physical subnet.
Page 339 VN/UN764:G LgvUvtgco" N4" Ocpcigf" Uykvej" ENK" Iwkfg Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Add two DHCP Servers with IP addresses 192.168.2.1 and 192.168.3.1 to the switch: VN/UN764:G"*eqphki+%"kr"fjer"tgnc{"jgnrgt/cfftguu"192.168.2.1 VN/UN764:G"*eqphki+%"kr"fjer"tgnc{"jgnrgt/cfftguu"192.168.3.1 kr"fjer"tgnc{"kphqtocvkqp"qrvkqp" Fguetkrvkqp" The kr"fjer"tgnc{"kphqtocvkqp"qrvkqp command is used to enable option 82 support in DHCP Relay. To disable this function, please use pq"kr"fjer"tgnc{" kphqtocvkqp"qrvkqp command.
Page 340 Rctcogvgt" circuitID —— Specify the circuit ID, ranging from 1 to 63 characters. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Specify the circuit ID as “TP-LINK”: VN/UN764:G*eqphki+%"kr"fjer"tgnc{"kphqtocvkqp"ektewkv/kf"TP-LINK" kr"fjer"tgnc{"kphqtocvkqp"tgoqvg/kf" Fguetkrvkqp" The kr" fjer" tgnc{" kphqtocvkqp" tgoqvg/kf command is used to specify the custom remote ID when option 82 customization is enabled. To clear the remote ID, please use pq"kr"fjer"tgnc{"kphqtocvkqp"tgoqvg/kf command.
Page 341 —— Specify the remote ID, ranging from 1 to 63 characters. Eqoocpf"Oqfg" Global Configuration Mode Gzcorng" Specify the remote ID as “TP-LINK”: VN/UN764:G*eqphki+%"kr"fjer"tgnc{"kphqtocvkqp"tgoqvg/kf"TP-LINK" ujqy"kr"fjer"tgnc{" Fguetkrvkqp" The ujqy" kr" fjer" tgnc{ command is used to display the global status and Option 82 configuration of DHCP Relay.

TP-Link TL-SL5428E Reference Manual

Quick Links

Need help?

Questions and answers

Related Manuals for TP-Link TL-SL5428E

Summary of Contents for TP-Link TL-SL5428E