T1500G-10PSUN V1 CLI Reference Guide Guide
Page 13
... radius-server 277 aaa group ...278 server ...278 show aaa group...279 aaa authentication login 280 aaa authentication enable 281 aaa authentication dot1x default 282 aaa accounting dot1x default 282 show aaa authentication 283 show aaa accounting 284 line telnet...284 login authentication(telnet 285 line ssh ...285 login authentication(ssh 286...
... radius-server 277 aaa group ...278 server ...278 show aaa group...279 aaa authentication login 280 aaa authentication enable 281 aaa authentication dot1x default 282 aaa accounting dot1x default 282 show aaa authentication 283 show aaa accounting 284 line telnet...284 login authentication(telnet 285 line ssh ...285 login authentication(ssh 286...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 19
keep the default value 22 in the Port field; Figure 1-5 Enable SSH function Password Authentication Mode 1. Enter the IP address of PuTTY. select SSH as the Connection type. Open the software to log on to the interface of the switch into Host Name field; Figure 1-6 SSH Connection Config 6
keep the default value 22 in the Port field; Figure 1-5 Enable SSH function Password Authentication Mode 1. Enter the IP address of PuTTY. select SSH as the Connection type. Open the software to log on to the interface of the switch into Host Name field; Figure 1-6 SSH Connection Config 6
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 50
... gigabitEthernet 1/0/2-4 T1500G-10MPS(config-if-range)# channel-group 1 mode on 5.2 port-channel load-balance Description The port-channel load-balance command is "src-dst-mac" by default. When this option is selected, the Aggregate Arithmetic will be based on the source and destination IP addresses of ...the destination MAC address of the packets. The Aggregate Arithmetic for LAG is used to the default configurations, please use no port-channel load-balance Parameter src-mac -- dst-ip -- To return to configure the Aggregate Arithmetic for LAG. When this option is selected, ...
... gigabitEthernet 1/0/2-4 T1500G-10MPS(config-if-range)# channel-group 1 mode on 5.2 port-channel load-balance Description The port-channel load-balance command is "src-dst-mac" by default. When this option is selected, the Aggregate Arithmetic will be based on the source and destination IP addresses of ...the destination MAC address of the packets. The Aggregate Arithmetic for LAG is used to the default configurations, please use no port-channel load-balance Parameter src-mac -- dst-ip -- To return to configure the Aggregate Arithmetic for LAG. When this option is selected, ...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 51
... system priority globally. Example Configure the LACP system priority as "src-dst-ip": T1500G-10MPS(config)# port-channel load-balance src-dst-ip 5.3 lacp system-priority Description The lacp system-priority command is 32768 by default. The system priority, ranging from 0 to the default configurations, please use no lacp system-priority Parameter pri -- Command Mode...
... system priority globally. Example Configure the LACP system priority as "src-dst-ip": T1500G-10MPS(config)# port-channel load-balance src-dst-ip 5.3 lacp system-priority Description The lacp system-priority command is 32768 by default. The system priority, ranging from 0 to the default configurations, please use no lacp system-priority Parameter pri -- Command Mode...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 58
...the latest configured password will follow . The password is "admin" by default. 0 -- T1500G-10MPS(config)#user name tplink privilege admin secret 0 admin 6.3 user access-control ip-based Description The user access-control ip-based command is 0. password --Users' login password, a string from another... switch's configuration file. By default, the encryption type is used to access the switch. ...
...the latest configured password will follow . The password is "admin" by default. 0 -- T1500G-10MPS(config)#user name tplink privilege admin secret 0 admin 6.3 user access-control ip-based Description The user access-control ip-based command is 0. password --Users' login password, a string from another... switch's configuration file. By default, the encryption type is used to access the switch. ...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 59
... [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] -- Example Enable the access-control of the user whose IP address is 192.168.0.148: T1500G-10MPS(config)# user access-control ip-based 192.168.0.148 255.255.255.255 6.4 user access-control mac-based Description The user access-control mac-based...the users' access. The source IP address. Syntax user access-control ip-based { ip-addr ip-mask } [ snmp ] [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] no user access-control command. Only the users within the IP-range you set here are enabled by default. To cancel the user access...
... [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] -- Example Enable the access-control of the user whose IP address is 192.168.0.148: T1500G-10MPS(config)# user access-control ip-based 192.168.0.148 255.255.255.255 6.4 user access-control mac-based Description The user access-control mac-based...the users' access. The source IP address. Syntax user access-control ip-based { ip-addr ip-mask } [ snmp ] [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] no user access-control command. Only the users within the IP-range you set here are enabled by default. To cancel the user access...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 64
...key (contained in the certificate) and its corresponding private key. By default, the switch has a certificate (self-signed certificate) and a corresponding private key. To disable the HTTP function, please use no ip http server Command Mode Global Configuration Mode Privilege Requirement Only Admin and ...the same time. A key pair refers to encrypt/decrypt information. Syntax ip http server no ip http server command. HTTP is to these commands. Example Disable the HTTP function: T1500G-10MPS(config)# no ip http server 51 Chapter 7 HTTP and HTTPS Commands With the help of ...
...key (contained in the certificate) and its corresponding private key. By default, the switch has a certificate (self-signed certificate) and a corresponding private key. To disable the HTTP function, please use no ip http server Command Mode Global Configuration Mode Privilege Requirement Only Admin and ...the same time. A key pair refers to encrypt/decrypt information. Syntax ip http server no ip http server command. HTTP is to these commands. Example Disable the HTTP function: T1500G-10MPS(config)# no ip http server 51 Chapter 7 HTTP and HTTPS Commands With the help of ...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 66
...Privilege Requirement Only Admin and Operator level users have access to the default timeout time, please use no ip http secure-server Command Mode Global Configuration Mode 53 To disable the HTTPS function, please use no ip http session timeout Parameter minutes --The timeout time, ranging from ...5 to configure the connection timeout of the HTTP server connection as 15 minutes: T1500G-10MPS(config)# ip http session timeout 15 7.4 ip http secure-server Description The ip http secure-server command is 10. This function is used to enable the HTTPS server within the ...
...Privilege Requirement Only Admin and Operator level users have access to the default timeout time, please use no ip http secure-server Command Mode Global Configuration Mode 53 To disable the HTTPS function, please use no ip http session timeout Parameter minutes --The timeout time, ranging from ...5 to configure the connection timeout of the HTTP server connection as 15 minutes: T1500G-10MPS(config)# ip http session timeout 15 7.4 ip http secure-server Description The ip http secure-server command is 10. This function is used to enable the HTTPS server within the ...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 67
... User level users have access to these commands. Example Configure the protocol of SSL connection as SSL 3.0: T1500G-10MPS(config)# ip http secure-protocol ssl3 54 The SSL 3.0 protocol. The TLS 1.0 protocol Command Mode Global Configuration Mode Privilege...T1500G-10MPS(config)# no ip http secure-server 7.5 ip http secure-protocol Description The ip http secure-protocol command is used to the default SSL version, please use no ip http secure-protocol Parameter ssl3 -- Syntax ip http secure-protocol { [ ssl3 ] [ tls1 ] } no ip http secure-protocol command. tls1 -- By default...
... User level users have access to these commands. Example Configure the protocol of SSL connection as SSL 3.0: T1500G-10MPS(config)# ip http secure-protocol ssl3 54 The SSL 3.0 protocol. The TLS 1.0 protocol Command Mode Global Configuration Mode Privilege...T1500G-10MPS(config)# no ip http secure-server 7.5 ip http secure-protocol Description The ip http secure-protocol command is used to the default SSL version, please use no ip http secure-protocol Parameter ssl3 -- Syntax ip http secure-protocol { [ ssl3 ] [ tls1 ] } no ip http secure-protocol command. tls1 -- By default...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 68
... are allowed to connect to the default ciphersuite types, please use no ip http secure-ciphersuite command. Specify the encryption algorithm and the digest algorithm to configure the cipherSuites over the SSL connection as 3des-ede-cbc-sha: T1500G-10MPS(config)# ip http secure-ciphersuite 3des-ede-cbc-sha 7.7 ip http secure-max-users Description...
... are allowed to connect to the default ciphersuite types, please use no ip http secure-ciphersuite command. Specify the encryption algorithm and the digest algorithm to configure the cipherSuites over the SSL connection as 3des-ede-cbc-sha: T1500G-10MPS(config)# ip http secure-ciphersuite 3des-ede-cbc-sha 7.7 ip http secure-max-users Description...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 69
...users should be no more than 16. power-user-num -- The total number of users should be no more than 16. To restore to the default timeout time, please use no more than 16. The total number of the users logging on to the HTTPS server as User, ranging from 0..., Power User and User logging on to the HTTPS server as 5, 2, 2, and 1: T1500G-10MPS(config)# ip http secure-max-users 5 2 2 1 7.8 ip http secure-session timeout Description The ip http secure-session timeout command is used to these commands. Syntax ip http secure-max-users admin-num operator-num power-user-num user-num no...
...users should be no more than 16. power-user-num -- The total number of users should be no more than 16. To restore to the default timeout time, please use no more than 16. The total number of the users logging on to the HTTPS server as User, ranging from 0..., Power User and User logging on to the HTTPS server as 5, 2, 2, and 1: T1500G-10MPS(config)# ip http secure-max-users 5 2 2 1 7.8 ip http secure-session timeout Description The ip http secure-session timeout command is used to these commands. Syntax ip http secure-max-users admin-num operator-num power-user-num user-num no...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 70
...server connection as 15 minutes: T1500G-10MPS(config)# ip http secure-session timeout 15 7.9 ip http secure-server download certificate Description The ip http secure-server download certificate command is used to download a certificate to the switch from 1 to the switch. The IP address of the SSL certificate ... users have access to 30 in minutes. Command Mode Global Configuration Mode 57 By default, the value is selected to download to 25 characters. Syntax ip http secure-server download certificate ssl-cert ip-address ip-addr Parameter ssl-cert -- The name of the TFTP server. Syntax...
...server connection as 15 minutes: T1500G-10MPS(config)# ip http secure-session timeout 15 7.9 ip http secure-server download certificate Description The ip http secure-server download certificate command is used to download a certificate to the switch from 1 to the switch. The IP address of the SSL certificate ... users have access to 30 in minutes. Command Mode Global Configuration Mode 57 By default, the value is selected to download to 25 characters. Syntax ip http secure-server download certificate ssl-cert ip-address ip-addr Parameter ssl-cert -- The name of the TFTP server. Syntax...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 77
... DHCP Snooping on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information option 8.5 ip dhcp snooping information strategy Description The ip dhcp snooping information strategy command is used to the default option, please use no ip dhcp snooping information option command. Syntax ip dhcp snooping information strategy strategy no ip dhcp snooping information strategy...
... DHCP Snooping on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information option 8.5 ip dhcp snooping information strategy Description The ip dhcp snooping information strategy command is used to the default option, please use no ip dhcp snooping information option command. Syntax ip dhcp snooping information strategy strategy no ip dhcp snooping information strategy...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 78
replace: Indicates to default Remote ID for the Option 82, please use no ip dhcp snooping information remote-id Parameter string -- To return to replace the Option 82 field of the DHCP request packets from the...then send out on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information strategy replace 8.6 ip dhcp snooping information remote-id Description The ip dhcp snooping information remote-id command is the default option; Syntax ip dhcp snooping information remote-id string no ip dhcp snooping information remote-id command...
replace: Indicates to default Remote ID for the Option 82, please use no ip dhcp snooping information remote-id Parameter string -- To return to replace the Option 82 field of the DHCP request packets from the...then send out on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information strategy replace 8.6 ip dhcp snooping information remote-id Description The ip dhcp snooping information remote-id command is the default option; Syntax ip dhcp snooping information remote-id string no ip dhcp snooping information remote-id command...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 79
... ID, which contains 64 characters at most. To return to the default Circuit ID for the Option 82 on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information remote-id tplink 8.7 ip dhcp snooping information circuit-id Description The ip dhcp snooping information circuit-id command is used to enable and...
... ID, which contains 64 characters at most. To return to the default Circuit ID for the Option 82 on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information remote-id tplink 8.7 ip dhcp snooping information circuit-id Description The ip dhcp snooping information circuit-id command is used to enable and...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 81
... for the DHCP packets. The value of the Host. The default value is to these commands. Example Enable the MAC Verify feature for "disable". Syntax ip dhcp snooping limit rate value no ip dhcp snooping mac-verify Command Mode Interface Configuration Mode (interface gigabitEthernet...the Gigabit Ethernet port 10/2: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping mac-verify 8.10 ip dhcp snooping limit rate Description The ip dhcp snooping limit rate command is used to the default configuration, please use no ip dhcp snooping limit rate command....
... for the DHCP packets. The value of the Host. The default value is to these commands. Example Enable the MAC Verify feature for "disable". Syntax ip dhcp snooping limit rate value no ip dhcp snooping mac-verify Command Mode Interface Configuration Mode (interface gigabitEthernet...the Gigabit Ethernet port 10/2: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping mac-verify 8.10 ip dhcp snooping limit rate Description The ip dhcp snooping limit rate command is used to the default configuration, please use no ip dhcp snooping limit rate command....
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 82
...T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping limit rate 20 8.11 ip dhcp snooping decline rate Description The ip dhcp snooping decline rate command is 0, which stands for "disable". Syntax ip dhcp snooping decline rate value no ip dhcp snooping decline rate command. It default... value is used to enable the Decline Protect feature and configure the rate limit on Gigabit Ethernet port 1/0/2: T1500G-10MPS(config)#interface ...
...T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping limit rate 20 8.11 ip dhcp snooping decline rate Description The ip dhcp snooping decline rate command is 0, which stands for "disable". Syntax ip dhcp snooping decline rate value no ip dhcp snooping decline rate command. It default... value is used to enable the Decline Protect feature and configure the rate limit on Gigabit Ethernet port 1/0/2: T1500G-10MPS(config)#interface ...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 88
... received ARP packets per second as 50 pps for the Gigabit Ethernet ports 1/0/2-6: T1500G-10MPS(config)#interface range gigabitEthernet 1/0/2-6 T1500G-10MPS(config-if-range)#ip arp inspection 9.4 ip arp inspection limit-rate Description The ip arp inspection limit-rate command is 15. By default, the value is used to 100 in pps(packet/second). Example Enable...
... received ARP packets per second as 50 pps for the Gigabit Ethernet ports 1/0/2-6: T1500G-10MPS(config)#interface range gigabitEthernet 1/0/2-6 T1500G-10MPS(config-if-range)#ip arp inspection 9.4 ip arp inspection limit-rate Description The ip arp inspection limit-rate command is 15. By default, the value is used to 100 in pps(packet/second). Example Enable...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 99
... level of the log host. Example Enable log host 2 and set its IP address as 192.168.0.148, the level 5: T1500G-10MPS(config)# logging host index 2 192.168.0.148 5 11.7 logging monitor Description The logging monitor command is enabled by default. By default, it is 6 indicating that the log information marked with 0~6 will be...
... level of the log host. Example Enable log host 2 and set its IP address as 192.168.0.148, the level 5: T1500G-10MPS(config)# logging host index 2 192.168.0.148 5 11.7 logging monitor Description The logging monitor command is enabled by default. By default, it is 6 indicating that the log information marked with 0~6 will be...
T1500G-10PSUN V1 CLI Reference Guide Guide
Page 106
...release the connection if there is 5. 93 Example Specify the idle-timeout time of SSH as 30 seconds: T1500G-10MPS(config)# ip ssh timeout 30 12.5 ip ssh max-client Description The ip ssh max-client command is used to 120 in seconds. To return to the SSH server. The maximum ... from the client. By default, this value is 120 seconds. Syntax ip ssh timeout value no ip ssh max-client Parameter num -- By default, this value is no ip ssh timeout command. Syntax ip ssh max-client num no ip ssh timeout Parameter value -- 12.4 ip ssh timeout Description The ip ssh timeout command is used...
...release the connection if there is 5. 93 Example Specify the idle-timeout time of SSH as 30 seconds: T1500G-10MPS(config)# ip ssh timeout 30 12.5 ip ssh max-client Description The ip ssh max-client command is used to 120 in seconds. To return to the SSH server. The maximum ... from the client. By default, this value is 120 seconds. Syntax ip ssh timeout value no ip ssh max-client Parameter num -- By default, this value is no ip ssh timeout command. Syntax ip ssh max-client num no ip ssh timeout Parameter value -- 12.4 ip ssh timeout Description The ip ssh timeout command is used...