T1500G-10MPSUN V1 CLI Reference Guide
Page 13
... radius-server 277 aaa group...278 server ...278 show aaa group ...279 aaa authentication login 280 aaa authentication enable 281 aaa authentication dot1x default 282 aaa accounting dot1x default 282 show aaa authentication 283 show aaa accounting 284 line telnet ...284 login authentication(telnet 285 line ssh...285 login authentication(ssh 286...
... radius-server 277 aaa group...278 server ...278 show aaa group ...279 aaa authentication login 280 aaa authentication enable 281 aaa authentication dot1x default 282 aaa accounting dot1x default 282 show aaa authentication 283 show aaa accounting 284 line telnet ...284 login authentication(telnet 285 line ssh...285 login authentication(ssh 286...
T1500G-10MPSUN V1 CLI Reference Guide
Page 19
select SSH as the Connection type. Enter the IP address of PuTTY. keep the default value 22 in the Port field; Open the software to log on to the interface of the switch into Host Name field; Figure 1-5 Enable SSH function Password Authentication Mode 1. Figure 1-6 SSH Connection Config 6
select SSH as the Connection type. Enter the IP address of PuTTY. keep the default value 22 in the Port field; Open the software to log on to the interface of the switch into Host Name field; Figure 1-5 Enable SSH function Password Authentication Mode 1. Figure 1-6 SSH Connection Config 6
T1500G-10MPSUN V1 CLI Reference Guide
Page 50
... | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip } no port-channel load-balance command. The Aggregate Arithmetic for LAG. src-ip -- When this option is "src-dst-mac" by default. Example Add ports 2-4 to EtherChannel Group 1 and enable the static LAG: T1500G-10MPS(config)# interface range gigabitEthernet 1/0/2-4 T1500G-10MPS(config-if-range)# channel-group 1 mode...
... | dst-mac | src-dst-mac | src-ip | dst-ip | src-dst-ip } no port-channel load-balance command. The Aggregate Arithmetic for LAG. src-ip -- When this option is "src-dst-mac" by default. Example Add ports 2-4 to EtherChannel Group 1 and enable the static LAG: T1500G-10MPS(config)# interface range gigabitEthernet 1/0/2-4 T1500G-10MPS(config-if-range)# channel-group 1 mode...
T1500G-10MPSUN V1 CLI Reference Guide
Page 51
... no lacp system-priority Parameter pri -- Example Configure the LACP system priority as "src-dst-ip": T1500G-10MPS(config)# port-channel load-balance src-dst-ip 5.3 lacp system-priority Description The lacp system-priority command is 32768 by default. It is used to configure the LACP system priority globally. Syntax lacp system-priority pri no...
... no lacp system-priority Parameter pri -- Example Configure the LACP system priority as "src-dst-ip": T1500G-10MPS(config)# port-channel load-balance src-dst-ip 5.3 lacp system-priority Description The lacp system-priority command is 32768 by default. It is used to configure the LACP system priority globally. Syntax lacp system-priority pri no...
T1500G-10MPSUN V1 CLI Reference Guide
Page 58
...new admin user named "tplink", of the users' access. T1500G-10MPS(config)#user name tplink privilege admin secret 0 admin 6.3 user access-control ip-based Description The user access-control ip-based command is used to limit the IP-range of which you can only view some of the the... password will follow . "user" means that an unencrypted password will be saved to 31 alphanumeric characters or symbols. By default, the encryption type is "admin" by default. 0 -- Indicates an MD5 encrypted password with fixed length, which the password is case sensitive, allows digits, English letters...
...new admin user named "tplink", of the users' access. T1500G-10MPS(config)#user name tplink privilege admin secret 0 admin 6.3 user access-control ip-based Description The user access-control ip-based command is used to limit the IP-range of which you can only view some of the the... password will follow . "user" means that an unencrypted password will be saved to 31 alphanumeric characters or symbols. By default, the encryption type is "admin" by default. 0 -- Indicates an MD5 encrypted password with fixed length, which the password is case sensitive, allows digits, English letters...
T1500G-10MPSUN V1 CLI Reference Guide
Page 59
...http ] [ https ] [ ping ] [ all ] no user access-control [ ip-based index id ] Parameter ip-addr -- The source IP address. Example Enable the access-control of the user whose IP address is 192.168.0.148: T1500G-10MPS(config)# user access-control ip-based 192.168.0.148 255.255.255.255 6.4 user access-control mac... interface. Syntax user access-control ip-based { ip-addr ip-mask } [ snmp ] [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] no user access-control command. Only the users within the IP-range you set here are enabled by default. Command Mode Global Configuration Mode ...
...http ] [ https ] [ ping ] [ all ] no user access-control [ ip-based index id ] Parameter ip-addr -- The source IP address. Example Enable the access-control of the user whose IP address is 192.168.0.148: T1500G-10MPS(config)# user access-control ip-based 192.168.0.148 255.255.255.255 6.4 user access-control mac... interface. Syntax user access-control ip-based { ip-addr ip-mask } [ snmp ] [ telnet ] [ ssh ] [ http ] [ https ] [ ping ] [ all ] no user access-control command. Only the users within the IP-range you set here are enabled by default. Command Mode Global Configuration Mode ...
T1500G-10MPSUN V1 CLI Reference Guide
Page 64
... key. Example Disable the HTTP function: T1500G-10MPS(config)# no ip http server command. A key pair refers to encrypt/decrypt information. The Certificate/Key Download function enables the user to replace the default key pair. 7.1 ip http server Description The ip http server command is the protocol to provide...switch through a standard browser. HTTP) based on TCP. To disable the HTTP function, please use no ip http server 51 Syntax ip http server no ip http server Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to enable ...
... key. Example Disable the HTTP function: T1500G-10MPS(config)# no ip http server command. A key pair refers to encrypt/decrypt information. The Certificate/Key Download function enables the user to replace the default key pair. 7.1 ip http server Description The ip http server command is the protocol to provide...switch through a standard browser. HTTP) based on TCP. To disable the HTTP function, please use no ip http server 51 Syntax ip http server no ip http server Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to enable ...
T1500G-10MPSUN V1 CLI Reference Guide
Page 66
...: T1500G-10MPS(config)# ip http session timeout 15 7.4 ip http secure-server Description The ip http secure-server command is used to configure the connection timeout of the HTTP server. The HTTP and HTTPS server function cannot be disabled at the same time. By default, the value is enabled by default. ...To restore to the default timeout time, please use no ip http secure-server Command Mode Global Configuration Mode 53
...: T1500G-10MPS(config)# ip http session timeout 15 7.4 ip http secure-server Description The ip http secure-server command is used to configure the connection timeout of the HTTP server. The HTTP and HTTPS server function cannot be disabled at the same time. By default, the value is enabled by default. ...To restore to the default timeout time, please use no ip http secure-server Command Mode Global Configuration Mode 53
T1500G-10MPSUN V1 CLI Reference Guide
Page 67
.... tls1 -- To restore to the default SSL version, please use no ip http secure-server 7.5 ip http secure-protocol Description The ip http secure-protocol command is used to configure the SSL protocol version. The SSL 3.0 protocol. Example Disable the HTTPS function: T1500G-10MPS(config)# no ip http secure-protocol command. Syntax ip http secure-protocol { [ ssl3 ] [ tls1...
.... tls1 -- To restore to the default SSL version, please use no ip http secure-server 7.5 ip http secure-protocol Description The ip http secure-protocol command is used to configure the SSL protocol version. The SSL 3.0 protocol. Example Disable the HTTPS function: T1500G-10MPS(config)# no ip http secure-protocol command. Syntax ip http secure-protocol { [ ssl3 ] [ tls1...
T1500G-10MPSUN V1 CLI Reference Guide
Page 68
... users have access to the default ciphersuite types, please use no ip http secure-ciphersuite command. Example Configure the ciphersuite to be used for encryption over the SSL connection as 3des-ede-cbc-sha: T1500G-10MPS(config)# ip http secure-ciphersuite 3des-ede-cbc-sha 7.7 ip http secure-max-users Description The ip http secure-max-users...
... users have access to the default ciphersuite types, please use no ip http secure-ciphersuite command. Example Configure the ciphersuite to be used for encryption over the SSL connection as 3des-ede-cbc-sha: T1500G-10MPS(config)# ip http secure-ciphersuite 3des-ede-cbc-sha 7.7 ip http secure-max-users Description The ip http secure-max-users...
T1500G-10MPSUN V1 CLI Reference Guide
Page 69
..., Power User and User logging on to the HTTPS server as 5, 2, 2, and 1: T1500G-10MPS(config)# ip http secure-max-users 5 2 2 1 7.8 ip http secure-session timeout Description The ip http secure-session timeout command is used to the default timeout time, please use no ip http secure-max-users Parameter admin-num -- power-user-num -- Example Configure the...
..., Power User and User logging on to the HTTPS server as 5, 2, 2, and 1: T1500G-10MPS(config)# ip http secure-max-users 5 2 2 1 7.8 ip http secure-session timeout Description The ip http secure-session timeout command is used to the default timeout time, please use no ip http secure-max-users Parameter admin-num -- power-user-num -- Example Configure the...
T1500G-10MPSUN V1 CLI Reference Guide
Page 70
... 10. The name of the HTTPS server connection as 15 minutes: T1500G-10MPS(config)# ip http secure-session timeout 15 7.9 ip http secure-server download certificate Description The ip http secure-server download certificate command is used to download a certificate to the switch. By default, the value is selected to download to the switch from TFTP...
... 10. The name of the HTTPS server connection as 15 minutes: T1500G-10MPS(config)# ip http secure-session timeout 15 7.9 ip http secure-server download certificate Description The ip http secure-server download certificate command is used to download a certificate to the switch. By default, the value is selected to download to the switch from TFTP...
T1500G-10MPSUN V1 CLI Reference Guide
Page 77
...default option, please use no ip dhcp snooping information strategy 64 To disable the Option 82 function, please use no ip dhcp snooping information strategy command. Example Enable the Option 82 function of DHCP Snooping on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information option 8.5 ip... dhcp snooping information strategy Description The ip dhcp snooping information strategy ...
...default option, please use no ip dhcp snooping information strategy 64 To disable the Option 82 function, please use no ip dhcp snooping information strategy command. Example Enable the Option 82 function of DHCP Snooping on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information option 8.5 ip... dhcp snooping information strategy Description The ip dhcp snooping information strategy ...
T1500G-10MPSUN V1 CLI Reference Guide
Page 78
... defined one and then send out on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information strategy replace 8.6 ip dhcp snooping information remote-id Description The ip dhcp snooping information remote-id command is the default option; Parameter strategy -- Syntax ip dhcp snooping information remote-id string no ip dhcp snooping information remote-id command.
... defined one and then send out on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information strategy replace 8.6 ip dhcp snooping information remote-id Description The ip dhcp snooping information remote-id command is the default option; Parameter strategy -- Syntax ip dhcp snooping information remote-id string no ip dhcp snooping information remote-id command.
T1500G-10MPSUN V1 CLI Reference Guide
Page 79
... sub-option Circuit ID for the Option 82 on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information remote-id tplink 8.7 ip dhcp snooping information circuit-id Description The ip dhcp snooping information circuit-id command is used to these commands....Power User level users have access to the default Circuit ID for the Option 82, please use no ip dhcp snooping information circuit-id Parameter string -- Syntax ip dhcp snooping information circuit-id string no ip dhcp snooping information circuit-id command. Example Configure...
... sub-option Circuit ID for the Option 82 on port 1/0/1: T1500G-10MPS(config)#interface gigabitEthernet 1/0/1 T1500G-10MPS(config-if)#ip dhcp snooping information remote-id tplink 8.7 ip dhcp snooping information circuit-id Description The ip dhcp snooping information circuit-id command is used to these commands....Power User level users have access to the default Circuit ID for the Option 82, please use no ip dhcp snooping information circuit-id Parameter string -- Syntax ip dhcp snooping information circuit-id string no ip dhcp snooping information circuit-id command. Example Configure...
T1500G-10MPSUN V1 CLI Reference Guide
Page 81
...default value is 0, which stands for the Gigabit Ethernet port 10/2: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping mac-verify 8.10 ip dhcp snooping limit rate Description The ip dhcp snooping limit rate command is to these commands. Syntax ip dhcp snooping limit rate value no ip...Verify feature for "disable". The MAC Verify feature is used to the default configuration, please use no ip dhcp snooping limit rate command. Syntax ip dhcp snooping mac-verify no ip dhcp snooping limit rate Parameter value -- containing the MAC address of Flow ...
...default value is 0, which stands for the Gigabit Ethernet port 10/2: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping mac-verify 8.10 ip dhcp snooping limit rate Description The ip dhcp snooping limit rate command is to these commands. Syntax ip dhcp snooping limit rate value no ip...Verify feature for "disable". The MAC Verify feature is used to the default configuration, please use no ip dhcp snooping limit rate command. Syntax ip dhcp snooping mac-verify no ip dhcp snooping limit rate Parameter value -- containing the MAC address of Flow ...
T1500G-10MPSUN V1 CLI Reference Guide
Page 82
It default value is used to enable the Decline Protect feature and configure the rate limit on Gigabit Ethernet port 1/0/2: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 69 Specify the rate limit of GigabitEthernet port 1/0/2 as 20 packets per second on DHCP...commands. Example Configure the rate limit of DHCP Decline packets as 20 pps: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping limit rate 20 8.11 ip dhcp snooping decline rate Description The ip dhcp snooping decline rate command is 0, which stands for "disable". To disable...
It default value is used to enable the Decline Protect feature and configure the rate limit on Gigabit Ethernet port 1/0/2: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 69 Specify the rate limit of GigabitEthernet port 1/0/2 as 20 packets per second on DHCP...commands. Example Configure the rate limit of DHCP Decline packets as 20 pps: T1500G-10MPS(config)#interface gigabitEthernet 1/0/2 T1500G-10MPS(config-if)#ip dhcp snooping limit rate 20 8.11 ip dhcp snooping decline rate Description The ip dhcp snooping decline rate command is 0, which stands for "disable". To disable...
T1500G-10MPSUN V1 CLI Reference Guide
Page 88
...per second, ranging from 10 to these commands. Example Enable the arp defend function for Gigabit Ethernet port 5: T1500G-10MPS(config)#interface gigabitEthernet 1/0/5 T1500G-10MPS(config-if)#ip arp inspection limit-rate 50 75 To restore to configure the ARP speed of the received ARP packets per second...access to these commands. Syntax ip arp inspection limit-rate value no ip arp inspection limit-rate Parameter value --The value to specify the maximum amount of a specified port. By default, the value is used to the default speed, please use no ip arp inspection limit-rate command....
...per second, ranging from 10 to these commands. Example Enable the arp defend function for Gigabit Ethernet port 5: T1500G-10MPS(config)#interface gigabitEthernet 1/0/5 T1500G-10MPS(config-if)#ip arp inspection limit-rate 50 75 To restore to configure the ARP speed of the received ARP packets per second...access to these commands. Syntax ip arp inspection limit-rate value no ip arp inspection limit-rate Parameter value --The value to specify the maximum amount of a specified port. By default, the value is used to the default speed, please use no ip arp inspection limit-rate command....
T1500G-10MPSUN V1 CLI Reference Guide
Page 99
host-ip -- By default, it is 6 indicating that the log information ... terminal, please use no logging host index idx Parameter idx -- Syntax logging host index idx host-ip level no logging monitor command. Syntax logging monitor no logging monitor Command Mode Global Configuration Mode 86 ...IP for the log host. level -- The switch supports 4 log hosts at most. Example Enable log host 2 and set its IP address as 192.168.0.148, the level 5: T1500G-10MPS(config)# logging host index 2 192.168.0.148 5 11.7 logging monitor Description The logging monitor command is enabled by default...
host-ip -- By default, it is 6 indicating that the log information ... terminal, please use no logging host index idx Parameter idx -- Syntax logging host index idx host-ip level no logging monitor command. Syntax logging monitor no logging monitor Command Mode Global Configuration Mode 86 ...IP for the log host. level -- The switch supports 4 log hosts at most. Example Enable log host 2 and set its IP address as 192.168.0.148, the level 5: T1500G-10MPS(config)# logging host index 2 192.168.0.148 5 11.7 logging monitor Description The logging monitor command is enabled by default...
T1500G-10MPSUN V1 CLI Reference Guide
Page 106
...timeout time of SSH as 30 seconds: T1500G-10MPS(config)# ip ssh timeout 30 12.5 ip ssh max-client Description The ip ssh max-client command is used to specify the idle-timeout time of SSH. By default, this value is 120 seconds. To restore to the factory defaults, please use no operation from the client.... It ranges from 1 to 5. Syntax ip ssh max-client num no ip ssh timeout command. It ranges from 1 to 120 in seconds....
...timeout time of SSH as 30 seconds: T1500G-10MPS(config)# ip ssh timeout 30 12.5 ip ssh max-client Description The ip ssh max-client command is used to specify the idle-timeout time of SSH. By default, this value is 120 seconds. To restore to the factory defaults, please use no operation from the client.... It ranges from 1 to 5. Syntax ip ssh max-client num no ip ssh timeout command. It ranges from 1 to 120 in seconds....