TL-SG3210 V1 User Guide
Page 10
...: View the multicast data traffic on to monitor the IGMP messages in the network. 3 z MSTP Instance: Configure MSTP instances. Here mainly introduces: z Port: Configure the basic features for users to log on each port z MAC Address: Configure the address table of the switch. This module is used to configure spanning tree function of ports together to make some special data transmitted in the specified VLAN. z MAC VLAN: Configure MAC-based VLAN without having to individually configure each VLAN. Here mainly introduces: z STP Config: Configure and view the global settings...
...: View the multicast data traffic on to monitor the IGMP messages in the network. 3 z MSTP Instance: Configure MSTP instances. Here mainly introduces: z Port: Configure the basic features for users to log on each port z MAC Address: Configure the address table of the switch. This module is used to configure spanning tree function of ports together to make some special data transmitted in the specified VLAN. z MAC VLAN: Configure MAC-based VLAN without having to individually configure each VLAN. Here mainly introduces: z STP Config: Configure and view the global settings...
TL-SG3210 V1 User Guide
Page 13
... VLAN groups and 4K VLAN IDs. • Quality of Service + Supports L2/L3 granular CoS with 4 priority queues per port. + Rate limiting confines the traffic flow accurately according to the preset value. • Security + Supports multiple industry standard user authentication methods such as 802.1x, RADIUS. + Dynamic ARP Inspection blocks ARP packets from TP-LINK provides wire-speed performance and abundant layer 2 management features. It provides a variety of service features and multiple powerful...
... VLAN groups and 4K VLAN IDs. • Quality of Service + Supports L2/L3 granular CoS with 4 priority queues per port. + Rate limiting confines the traffic flow accurately according to the preset value. • Security + Supports multiple industry standard user authentication methods such as 802.1x, RADIUS. + Dynamic ARP Inspection blocks ARP packets from TP-LINK provides wire-speed performance and abundant layer 2 management features. It provides a variety of service features and multiple powerful...
TL-SG3210 V1 User Guide
Page 41
....1Q VLAN, Voice VLAN, STP, QoS, DHCP Snooping and Port Configuration (Speed and Duplex, Flow Control), are suggested to add the ports with ARP Inspection and DoS Defend enabled to load the following : z If the ports, which are broken, the traffic of the LAG will be the same. For the member ports in a LAG, their basic configuration must be transmitted on different aggregation modes, aggregation groups fall into two types: Static LAG and LACP Config. Choose the menu Switching→LAG→LAG Table...
....1Q VLAN, Voice VLAN, STP, QoS, DHCP Snooping and Port Configuration (Speed and Duplex, Flow Control), are suggested to add the ports with ARP Inspection and DoS Defend enabled to load the following : z If the ports, which are broken, the traffic of the LAG will be the same. For the member ports in a LAG, their basic configuration must be transmitted on different aggregation modes, aggregation groups fall into two types: Static LAG and LACP Config. Choose the menu Switching→LAG→LAG Table...
TL-SG3210 V1 User Guide
Page 59
... to modify the settings of VLAN. • Detail: Click to quick-select the corresponding entry based on the VLAN ID number you can only be modified or deleted. The Web Management Page of switch can view the current created 802.1Q VLAN. The following page. IEEE 802.1Q VLAN function is implemented on the VLAN Config and Port Config pages. 6.1.1 VLAN Config On this screen: ¾ VLAN Table VLAN ID Select:...
... to modify the settings of VLAN. • Detail: Click to quick-select the corresponding entry based on the VLAN ID number you can only be modified or deleted. The Web Management Page of switch can view the current created 802.1Q VLAN. The following page. IEEE 802.1Q VLAN function is implemented on the VLAN Config and Port Config pages. 6.1.1 VLAN Config On this screen: ¾ VLAN Table VLAN ID Select:...
TL-SG3210 V1 User Guide
Page 61
.... Port: Displays the port number. If the current VLAN is deleted, the PVID will be set to 1 by default. • TRUNK: The TRUNK port can be added in order to configure the ports properly. Figure 6-5 802.1Q VLAN - The default egress rule is UNTAG. LAG: Displays the LAG to which the port belongs. 6.1.2 Port Config Before creating the 802.1Q VLAN, please acquaint yourself with all the devices connected to the switch in multiple VLANs...
.... Port: Displays the port number. If the current VLAN is deleted, the PVID will be set to 1 by default. • TRUNK: The TRUNK port can be added in order to configure the ports properly. Figure 6-5 802.1Q VLAN - The default egress rule is UNTAG. LAG: Displays the LAG to which the port belongs. 6.1.2 Port Config Before creating the 802.1Q VLAN, please acquaint yourself with all the devices connected to the switch in multiple VLANs...
TL-SG3210 V1 User Guide
Page 62
.../Detail button to modify/view the information of VLAN. For the device in a MAC VLAN, if its member ports. 3 Modify/View VLAN. VLAN ID: Displays the ID number of the corresponding VLAN. 4 Delete VLAN Optional. Configuration Procedure: Step Operation Description 1 Set the link type for Required. LAG: Displays the LAG to which the port belongs. VLAN: Click the Detail button to view the information of Port VLAN ID Select: Click the Select button to quick-select...
.../Detail button to modify/view the information of VLAN. For the device in a MAC VLAN, if its member ports. 3 Modify/View VLAN. VLAN ID: Displays the ID number of the corresponding VLAN. 4 Delete VLAN Optional. Configuration Procedure: Step Operation Description 1 Set the link type for Required. LAG: Displays the LAG to which the port belongs. VLAN: Click the Detail button to view the information of Port VLAN ID Select: Click the Select button to quick-select...
TL-SG3210 V1 User Guide
Page 105
Displays the member port time of the VLAN. Note: The settings here will be broadcasted. 8.1.4 Multicast VLAN In old multicast transmission mode, when users in different VLANs share the same multicast VLAN. Enable IGMP Snooping globally on Multicast→IGMP Snooping→Snooping Config and Port Config page. 2 Configure the multicast Optional. The problem above can make users in different VLANs apply for the port on the switch function and for join the same multicast group, the multicast router will be invalid, that...
Displays the member port time of the VLAN. Note: The settings here will be broadcasted. 8.1.4 Multicast VLAN In old multicast transmission mode, when users in different VLANs share the same multicast VLAN. Enable IGMP Snooping globally on Multicast→IGMP Snooping→Snooping Config and Port Config page. 2 Configure the multicast Optional. The problem above can make users in different VLANs apply for the port on the switch function and for join the same multicast group, the multicast router will be invalid, that...
TL-SG3210 V1 User Guide
Page 107
Enable and configure a multicast VLAN on Multicast→IGMP Snooping→Snooping Config and Port Config page. 2 Create a multicast VLAN Required. It is recommended to keep the default time parameters. 4 Look over the configuration If it is connected to the switch. its LAN port is successfully configured, the VLAN ID of the multicast VLAN will be displayed in the IGMP Snooping Status table on the Multicast→IGMP Snooping→Snooping Config page. User A: Connected to the VLAN on the switch function and for Optional. Enable IGMP Snooping globally on the...
Enable and configure a multicast VLAN on Multicast→IGMP Snooping→Snooping Config and Port Config page. 2 Create a multicast VLAN Required. It is recommended to keep the default time parameters. 4 Look over the configuration If it is connected to the switch. its LAN port is successfully configured, the VLAN ID of the multicast VLAN will be displayed in the IGMP Snooping Status table on the Multicast→IGMP Snooping→Snooping Config page. User A: Connected to the VLAN on the switch function and for Optional. Enable IGMP Snooping globally on the...
TL-SG3210 V1 User Guide
Page 111
... multicast streams will firstly check the multicast filter rules configured for a multicast group, the host will send IGMP report message. Select: Select the desired entry to load the following entries are displayed on the ID number you set. It is multi-optional. After receiving the report message, the switch will not be transmitted to this port, which allows you to control...
... multicast streams will firstly check the multicast filter rules configured for a multicast group, the host will send IGMP report message. Select: Select the desired entry to load the following entries are displayed on the ID number you set. It is multi-optional. After receiving the report message, the switch will not be transmitted to this port, which allows you to control...
TL-SG3210 V1 User Guide
Page 125
... VLAN mode is powered on the ingress port within the aging time, the switch will remove this mode, the switch automatically add a port which receives voice packets to the type of packets sent out from voice VLAN. UNTAG voice ACCESS、TRUNK、GENERAL: Not supported. The default VLAN of packets and matching OUI address. GENERAL:Supported. The following table shows the detailed information. Port Voice Mode VLAN Voice Stream Type Link type of the voice VLAN. UNTAG voice ACCESS: Supported. GENERAL: Supported...
... VLAN mode is powered on the ingress port within the aging time, the switch will remove this mode, the switch automatically add a port which receives voice packets to the type of packets sent out from voice VLAN. UNTAG voice ACCESS、TRUNK、GENERAL: Not supported. The default VLAN of packets and matching OUI address. GENERAL:Supported. The following table shows the detailed information. Port Voice Mode VLAN Voice Stream Type Link type of the voice VLAN. UNTAG voice ACCESS: Supported. GENERAL: Supported...
TL-SG3210 V1 User Guide
Page 130
... mode the time-range adopts. The ACL module is mainly for ACL configuration of match conditions, which can be L2-L4 protocol key fields carried in a specified time-range, a time-range should be implemented on a series of the switch, including four submenus: Time-Range, ACL Config, Policy Config and Policy Binding. 10.1 Time-Range If a configured ACL is used to filter packets by differentiating the time-ranges. configure a holiday section to control traffic flows and save network...
... mode the time-range adopts. The ACL module is mainly for ACL configuration of match conditions, which can be L2-L4 protocol key fields carried in a specified time-range, a time-range should be implemented on a series of the switch, including four submenus: Time-Range, ACL Config, Policy Config and Policy Binding. 10.1 Time-Range If a configured ACL is used to filter packets by differentiating the time-ranges. configure a holiday section to control traffic flows and save network...
TL-SG3210 V1 User Guide
Page 160
Displays the status of the received ARP packets. The ARP Defend for configuration. Note: 1. Displays the current speed of the ARP attack. Click the Recover button to restore the port to locate the network malfunction and take the related protection measures. ARP Detect and ARP Defend cannot be re-enabled. Displays the port number. Enter a value to load the following entries are displayed on this port will be...
Displays the status of the received ARP packets. The ARP Defend for configuration. Note: 1. Displays the current speed of the ARP attack. Click the Recover button to restore the port to locate the network malfunction and take the related protection measures. ARP Detect and ARP Defend cannot be re-enabled. Displays the port number. Enter a value to load the following entries are displayed on this port will be...
TL-SG3210 V1 User Guide
Page 166
... VLAN configured, after the switch sends a request packet to a supplicant system. By default, all the ports connected to the supplicants belong to load the following timers are still ports that do not pass the authentication to access the specific network resource. After passing the authentication, the ports will be removed from the Guest VLAN and added to the specified VLAN. With the Guest VLAN function enabled, users can access...
... VLAN configured, after the switch sends a request packet to a supplicant system. By default, all the ports connected to the supplicants belong to load the following timers are still ports that do not pass the authentication to access the specific network resource. After passing the authentication, the ports will be removed from the Guest VLAN and added to the specified VLAN. With the Guest VLAN function enabled, users can access...
TL-SG3210 V1 User Guide
Page 170
... the port connected to the switch and do the authentication server and configure the corresponding some configuration. Enter the IP address of the client in the LAN to server to the authentication server. authentication username and password for LAG member ports. On the Network Security→802.1X→Global Config page, configure the 802.1X function globally. 4 Configure the parameters of the alternate accounting server. Return to software. Enable/Disable...
... the port connected to the switch and do the authentication server and configure the corresponding some configuration. Enter the IP address of the client in the LAN to server to the authentication server. authentication username and password for LAG member ports. On the Network Security→802.1X→Global Config page, configure the 802.1X function globally. 4 Configure the parameters of the alternate accounting server. Return to software. Enable/Disable...
TL-SG3210 V1 User Guide
Page 198
...-13 Cluster Configuration for Cluster Function ¾ Network Requirements Three switches form cluster, one commander switch (Here take TP-LINK TL-SL5428E as an example) and two member switches (Here take TP-LINK TL-SG3210 as an example). z For an individual switch, the following entries are displayed on this screen: ¾ Current Role Role: Displays the role the current switch plays in the cluster. ¾ Role Change Candidate...
...-13 Cluster Configuration for Cluster Function ¾ Network Requirements Three switches form cluster, one commander switch (Here take TP-LINK TL-SL5428E as an example) and two member switches (Here take TP-LINK TL-SG3210 as an example). z For an individual switch, the following entries are displayed on this screen: ¾ Current Role Role: Displays the role the current switch plays in the cluster. ¾ Role Change Candidate...
TL-SG3210 V1 User Guide
Page 228
... bits are mapped to the operation of Service categories, and then into the switch. Dynamic Host Control Protocol (DHCP) Provides a framework for certain IP or MAC (i.e., Layer 2) information. Appendix E: Glossary Access Control List (ACL) ACLs can limit network traffic and restrict access to certain users or devices by checking each switch can work automatically over LAN (EAPOL) EAPOL is a client authentication protocol used by participants in the appropriate output...
... bits are mapped to the operation of Service categories, and then into the switch. Dynamic Host Control Protocol (DHCP) Provides a framework for certain IP or MAC (i.e., Layer 2) information. Appendix E: Glossary Access Control List (ACL) ACLs can limit network traffic and restrict access to certain users or devices by checking each switch can work automatically over LAN (EAPOL) EAPOL is a client authentication protocol used by participants in the appropriate output...
TL-SG3210 V1 User Guide
Page 229
... controls access to the switch ports by requiring users to first enter a user ID and password for VLAN tagging. IP Multicast Filtering It is a feature to allow or deny the Client to communicate across switched networks. IEEE 802.1p An IEEE standard for providing quality of MAC bridges, including the Spanning Tree Protocol. Layer 2 222 IEEE 802.1D Specifies a general method for the operation of service (QoS...
... controls access to the switch ports by requiring users to first enter a user ID and password for VLAN tagging. IP Multicast Filtering It is a feature to allow or deny the Client to communicate across switched networks. IEEE 802.1p An IEEE standard for providing quality of MAC bridges, including the Spanning Tree Protocol. Layer 2 222 IEEE 802.1D Specifies a general method for the operation of service (QoS...
TL-SG3210 V1 CLI Reference Guide
Page 21
...Enter the disable command to return to access VLAN Configuration mode. Use the vlan database to User EXEC mode. Use the interface type Use the end command or press Ctrl+Z Interface Configuration Mode number command to enter this mode from Global Configuration mode. TP-LINK(config-if )# to return to Global configuration mode. A port number must be specified in User EXEC Mode after the connection between the PC and the switch is connected through the Console port). VLAN Configuration Mode Use the vlan database command to enter this mode from Privileged EXEC mode. Enter the...
...Enter the disable command to return to access VLAN Configuration mode. Use the vlan database to User EXEC mode. Use the interface type Use the end command or press Ctrl+Z Interface Configuration Mode number command to enter this mode from Global Configuration mode. TP-LINK(config-if )# to return to Global configuration mode. A port number must be specified in User EXEC Mode after the connection between the PC and the switch is connected through the Console port). VLAN Configuration Mode Use the vlan database command to enter this mode from Privileged EXEC mode. Enter the...
TL-SG3210 V1 CLI Reference Guide
Page 67
...the DHCP packets. The MAC Verify feature is used to enable the MAC Verify feature. To restore to the default configuration, please use no dhcp-snooping rate-limit command. The excessive DHCP packets will be a Trusted Port: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# dhcp-snooping trusted dhcp-snooping mac-verify Description The dhcp-snooping mac-verify command is used to enable the Flow Control feature for the port 2: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# dhcp-snooping mac-verify dhcp-snooping rate-limit Description The dhcp-snooping rate-limit command...
...the DHCP packets. The MAC Verify feature is used to enable the MAC Verify feature. To restore to the default configuration, please use no dhcp-snooping rate-limit command. The excessive DHCP packets will be a Trusted Port: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# dhcp-snooping trusted dhcp-snooping mac-verify Description The dhcp-snooping mac-verify command is used to enable the Flow Control feature for the port 2: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# dhcp-snooping mac-verify dhcp-snooping rate-limit Description The dhcp-snooping rate-limit command...
TL-SG3210 V1 CLI Reference Guide
Page 99
... show ssh Command Mode Any Configuration Mode Example Display the global configuration of SSH: TP-LINK(config)# show ssh command is used to download the SSH key file from 1 to download, v1 represents SSH-1, v2 represents SSH-2. The name of the key-file which is selected to 3072 bits. ip-addr -- The IP address of the name ranges from TFTP server. Specify the maximum number of the connections to the SSH server as 3: TP-LINK(config)# ssh max-client 3 ssh download Description The ssh max-client command is used...
... show ssh Command Mode Any Configuration Mode Example Display the global configuration of SSH: TP-LINK(config)# show ssh command is used to download the SSH key file from 1 to download, v1 represents SSH-1, v2 represents SSH-2. The name of the key-file which is selected to 3072 bits. ip-addr -- The IP address of the name ranges from TFTP server. Specify the maximum number of the connections to the SSH server as 3: TP-LINK(config)# ssh max-client 3 ssh download Description The ssh max-client command is used...