TL-SG3216 V1 User Guide
Page 3
... Switch...9 3.1 Login...9 3.2 Configuration ...9 Chapter 4 System ...11 4.1 System Info...11 4.1.1 System Summary 11 4.1.2 Device Description 13 4.1.3 System Time ...13 4.1.4 System IP...15 4.2 User Manage ...16 4.2.1 User Table...16 4.2.2 User Config ...16 4.3 System Tools ...18 4.3.1 Config Restore 18 4.3.2 Config Backup 18 4.3.3 Firmware Upgrade 19 4.3.4 System Reboot 20 4.3.5 System Reset 20 4.4 Access Security ...20 4.4.1 Access Control...
... Switch...9 3.1 Login...9 3.2 Configuration ...9 Chapter 4 System ...11 4.1 System Info...11 4.1.1 System Summary 11 4.1.2 Device Description 13 4.1.3 System Time ...13 4.1.4 System IP...15 4.2 User Manage ...16 4.2.1 User Table...16 4.2.2 User Config ...16 4.3 System Tools ...18 4.3.1 Config Restore 18 4.3.2 Config Backup 18 4.3.3 Firmware Upgrade 19 4.3.4 System Reboot 20 4.3.5 System Reset 20 4.4 Access Security ...20 4.4.1 Access Control...
TL-SG3216 V1 User Guide
Page 18
... 11 Chapter 4 System The System module is not connected to load the following page. ¾ Port Status Figure 4-1 System Summary Indicates the 1000Mbps port is mainly for system configuration of the switch, including four submenus: System Info, User Manage, System ...port connection status and the system information. the ports labeled as numbers are SFP ports. Choose the menu System→System Info→System Summary to a device. The ports labeled as SFP are 10/100/1000Mbps ports; The port status diagram shows the working status of 16 10/100/1000Mbps RJ45 ports and 2 SFP ports...
... 11 Chapter 4 System The System module is not connected to load the following page. ¾ Port Status Figure 4-1 System Summary Indicates the 1000Mbps port is mainly for system configuration of the switch, including four submenus: System Info, User Manage, System ...port connection status and the system information. the ports labeled as numbers are SFP ports. Choose the menu System→System Info→System Summary to a device. The ports labeled as SFP are 10/100/1000Mbps ports; The port status diagram shows the working status of 16 10/100/1000Mbps RJ45 ports and 2 SFP ports...
TL-SG3216 V1 User Guide
Page 56
...are necessary for the switch to which this data frame is in the following three types: (1) ACCESS: The ACCESS port can add the VLAN tag field into the data link layer encapsulation for details. (3) CFI: CFI is a 1-bit field, indicating whether the MAC address is in different... of VLAN Tag (1) TPID: TPID is a 16-bit field, indicating that a 4-byte VLAN tag is 0x8100 in turn. packets of VLAN-tagged packets. This field is not described in detail in a single VLAN, and the egress rule of the port is a 12-bit field, indicating the ID of...
...are necessary for the switch to which this data frame is in the following three types: (1) ACCESS: The ACCESS port can add the VLAN tag field into the data link layer encapsulation for details. (3) CFI: CFI is a 1-bit field, indicating whether the MAC address is in different... of VLAN Tag (1) TPID: TPID is a 16-bit field, indicating that a 4-byte VLAN tag is 0x8100 in turn. packets of VLAN-tagged packets. This field is not described in detail in a single VLAN, and the egress rule of the port is a 12-bit field, indicating the ID of...
TL-SG3216 V1 User Guide
Page 85
... multi-optional. If the two ports in the P2P link are displayed on this bridge to the Root Bridge and forwards packets to the root. 78 The lower value has the higher priority. Select the P2P link status. It is used to 240 divisible by 16. Select Enable /Disable STP function... for STP configuration. IntPath Cost is an important criterion on the port. Unchange means no MCheck operation. It is used to perform MCheck ...
... multi-optional. If the two ports in the P2P link are displayed on this bridge to the Root Bridge and forwards packets to the root. 78 The lower value has the higher priority. Select the P2P link status. It is used to 240 divisible by 16. Select Enable /Disable STP function... for STP configuration. IntPath Cost is an important criterion on the port. Unchange means no MCheck operation. It is used to perform MCheck ...
TL-SG3216 V1 User Guide
Page 162
...is also necessary to install the system bulletins and backup the important information in terms of the ports of the network and block the unnecessary network services. 3. It authenticates and controls devices requesting for LAN ports to solve mainly authentication and security problems. 802.1X is suggested to take the following entries...¾ Defend Table Select: Select the entry to enable the corresponding Defend Type. It's recommended to inspect and repair the system vulnerability regularly. Figure 11-16 DoS Defend The following further steps to ensure the network security. 1.
...is also necessary to install the system bulletins and backup the important information in terms of the ports of the network and block the unnecessary network services. 3. It authenticates and controls devices requesting for LAN ports to solve mainly authentication and security problems. 802.1X is suggested to take the following entries...¾ Defend Table Select: Select the entry to enable the corresponding Defend Type. It's recommended to inspect and repair the system vulnerability regularly. Figure 11-16 DoS Defend The following further steps to ensure the network security. 1.
TL-SG3216 V1 CLI Reference Guide
Page 3
CONTENTS Preface ...1 Chapter 1 Using the CLI 4 1.1 Accessing the CLI ...4 1.1.1 Logon by a console port 4 1.1.2 Logon by Telnet ...6 1.2 CLI Command Modes ...8 1.3 Security Levels ...10 1.4 Conventions ...11 1.4.1 Format Conventions 11 1.4.2 Special Characters 11 1.4.3 Parameter ...13 configure...13 exit ...13 end ...14 Chapter 3 IEEE 802.1Q VLAN Commands 15 vlan database ...15 vlan ...15 interface vlan ...16 description ...16 switchport type ...17 switchport allowed vlan...17 switchport pvid...18 switchport general egress-rule 18 show vlan ...19 show interface switchport ...19 Chapter...
CONTENTS Preface ...1 Chapter 1 Using the CLI 4 1.1 Accessing the CLI ...4 1.1.1 Logon by a console port 4 1.1.2 Logon by Telnet ...6 1.2 CLI Command Modes ...8 1.3 Security Levels ...10 1.4 Conventions ...11 1.4.1 Format Conventions 11 1.4.2 Special Characters 11 1.4.3 Parameter ...13 configure...13 exit ...13 end ...14 Chapter 3 IEEE 802.1Q VLAN Commands 15 vlan database ...15 vlan ...15 interface vlan ...16 description ...16 switchport type ...17 switchport allowed vlan...17 switchport pvid...18 switchport general egress-rule 18 show vlan ...19 show interface switchport ...19 Chapter...
TL-SG3216 V1 CLI Reference Guide
Page 7
...82 logging loghost ...83 show logging local-config ...83 show logging loghost ...84 show logging buffer level ...84 show logging flash level...85 Chapter 16 SSH Commands 86 ssh server enable ...86 ssh version ...86 ssh idle-timeout ...87 ssh max-client ...87 ssh download ...88 show ssh ...... ...89 ssl download key ...90 show ssl...90 Chapter 18 Address Commands 92 bridge address port-security 92 bridge address static ...93 bridge aging-time...93 bridge address filtering ...94 show bridge port-security ...95 show bridge address ...95 show bridge aging-time ...96 Chapter 19 System Commands...
...82 logging loghost ...83 show logging local-config ...83 show logging loghost ...84 show logging buffer level ...84 show logging flash level...85 Chapter 16 SSH Commands 86 ssh server enable ...86 ssh version ...86 ssh idle-timeout ...87 ssh max-client ...87 ssh download ...88 show ssh ...... ...89 ssl download key ...90 show ssl...90 Chapter 18 Address Commands 92 bridge address port-security 92 bridge address static ...93 bridge aging-time...93 bridge address filtering ...94 show bridge port-security ...95 show bridge address ...95 show bridge aging-time ...96 Chapter 19 System Commands...
TL-SG3216 V1 CLI Reference Guide
Page 13
... switch from the ARP cheating or ARP Attack. Chapter 21: QoS Commands Provide information about the commands used for enthernet ports. Chapter 20: Ethernet Configuration Commands Provide information about the commands used for configuring the Bandwidth Control, Negotiation Mode, and ...Storm Control for configuring the QoS function. Chapter 16: SSH Commands Provide information about the commands used for configuring the MSTP (Multiple Spanning Tree Protocol). Chapter 24: MSTP Commands...
... switch from the ARP cheating or ARP Attack. Chapter 21: QoS Commands Provide information about the commands used for enthernet ports. Chapter 20: Ethernet Configuration Commands Provide information about the commands used for configuring the Bandwidth Control, Negotiation Mode, and ...Storm Control for configuring the QoS function. Chapter 16: SSH Commands Provide information about the commands used for configuring the MSTP (Multiple Spanning Tree Protocol). Chapter 24: MSTP Commands...
TL-SG3216 V1 CLI Reference Guide
Page 38
mask-addr -- description --Give a description to configure the Voice VLAN mode for identification which contains 16 characters at most. Andthen delete the Voice VLAN OUI with the MAC address 00:01:E3:00:00:01 and the mask ...the voice device. Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Configure Ethernet port 2 to operate in the manual voice VLAN mode: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# switchport voice-vlan mode manual 27 Command Mode Global Configuration Mode Example Create a Voice VLAN OUI ...
mask-addr -- description --Give a description to configure the Voice VLAN mode for identification which contains 16 characters at most. Andthen delete the Voice VLAN OUI with the MAC address 00:01:E3:00:00:01 and the mask ...the voice device. Command Mode Interface Configuration Mode(interface ethernet / interface range ethernet) Example Configure Ethernet port 2 to operate in the manual voice VLAN mode: TP-LINK(config)# interface ethernet 2 TP-LINK(config-if)# switchport voice-vlan mode manual 27 Command Mode Global Configuration Mode Example Create a Voice VLAN OUI ...
TL-SG3216 V1 CLI Reference Guide
Page 58
... of the users logging on as Admin, ranging from 1 to 16. To restore to the default timeout time, please use no user max-number command. Example Enable the access-control of the ports 2, port4, port5, port6,and port10: TP-LINK(config)# user access-control port-based 2,4-6,10 user max-number Description The user max-number...
... of the users logging on as Admin, ranging from 1 to 16. To restore to the default timeout time, please use no user max-number command. Example Enable the access-control of the ports 2, port4, port5, port6,and port10: TP-LINK(config)# user access-control port-based 2,4-6,10 user max-number Description The user max-number...
TL-SG3216 V1 CLI Reference Guide
Page 90
Syntax show dot1x interface [ ethernet port-num ] Parameter port-num --The number of the Ethernet port, ranging from 1 to 16. Syntax show radius authentication Command Mode 79 Command Mode Any configurartion Mode Example Display the port configuration of 801.X: TP-LINK(config)# show dot1x interface show radius authentication Description The show dot1x interface command is used to display...
Syntax show dot1x interface [ ethernet port-num ] Parameter port-num --The number of the Ethernet port, ranging from 1 to 16. Syntax show radius authentication Command Mode 79 Command Mode Any configurartion Mode Example Display the port configuration of 801.X: TP-LINK(config)# show dot1x interface show radius authentication Description The show dot1x interface command is used to display...
TL-SG3216 V1 CLI Reference Guide
Page 104
...16. vid -- To remove the corresponding entry, please use no bridge address static [mac] [vid] [port] Parameter mac --The MAC address of your desired entry. Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable Port Security function for port1, select Static mode as 30: TP-LINK(config)# interface ethernet 1 TP-LINK...(config-if)# bridge address port-security max-number 30 mode static ...
...16. vid -- To remove the corresponding entry, please use no bridge address static [mac] [vid] [port] Parameter mac --The MAC address of your desired entry. Interface Configuration Mode(interface ethernet / interface range ethernet) Example Enable Port Security function for port1, select Static mode as 30: TP-LINK(config)# interface ethernet 1 TP-LINK...(config-if)# bridge address port-security max-number 30 mode static ...
TL-SG3216 V1 CLI Reference Guide
Page 106
Command Mode Any Configuration Mode Example Display the Port Security configuration of all ports is used to 16. By default, the Port Security configuration of port2: TP-LINK(config)# show bridge port-security 2 show bridge address Description The show bridge address command is displayed. 00:1e:4b:04:01:5d: TP-LINK(config)# bridge address filtering 00:1e:4b:04...
Command Mode Any Configuration Mode Example Display the Port Security configuration of all ports is used to 16. By default, the Port Security configuration of port2: TP-LINK(config)# show bridge port-security 2 show bridge address Description The show bridge address command is displayed. 00:1e:4b:04:01:5d: TP-LINK(config)# bridge address filtering 00:1e:4b:04...
TL-SG3216 V1 CLI Reference Guide
Page 115
... selected for port 4: TP-LINK#loopback 4 internal show system-info Description The show system-info 104 There are two options, Internal and External. Syntax show system-info command is used to test whether the port is available or not. internal | external -- Loopback Type. It ranges from 1 to 16. Syntax loopback {port} { internal | external } Parameter port -- Command Mode...
... selected for port 4: TP-LINK#loopback 4 internal show system-info Description The show system-info 104 There are two options, Internal and External. Syntax show system-info command is used to test whether the port is available or not. internal | external -- Loopback Type. It ranges from 1 to 16. Syntax loopback {port} { internal | external } Parameter port -- Command Mode...
TL-SG3216 V1 CLI Reference Guide
Page 118
... Mode Interface Configuration Mode(interface ethernet) Example Add a description Port #5 to port5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# description Port #5 shutdown Description The shutdown command is used to add a description to 16 characters. Content of the corresponding port, please use no description command. Command in the Interface Range Ethernet Mode is executed independently...
... Mode Interface Configuration Mode(interface ethernet) Example Add a description Port #5 to port5: TP-LINK(config)# interface ethernet 5 TP-LINK(config-if)# description Port #5 shutdown Description The shutdown command is used to add a description to 16 characters. Content of the corresponding port, please use no description command. Command in the Interface Range Ethernet Mode is executed independently...
TL-SG3216 V1 CLI Reference Guide
Page 125
... show storm-control ethernet [port] Parameter port -- The port-number of the port selected to display the storm-control information of all Ethernet ports: TP-LINK(config)# show storm-control ethernet show port rate-limit Description The show port rate-limit command is used to display the storm-control information. Syntax show storm-control ethernet command is used to 16.
... show storm-control ethernet [port] Parameter port -- The port-number of the port selected to display the storm-control information of all Ethernet ports: TP-LINK(config)# show storm-control ethernet show port rate-limit Description The show port rate-limit command is used to display the storm-control information. Syntax show storm-control ethernet command is used to 16.
TL-SG3216 V1 CLI Reference Guide
Page 126
Parameter port - - Command Mode Any Configuration Mode Example Display the rate-limit information of all Ethernet ports: TP-LINK(config)# show port rate-limit 115 It ranges from 1 to display the rate-limit information. The port-number of the port selected to 16. By default, the rate-limit information of all ports is displayed.
Parameter port - - Command Mode Any Configuration Mode Example Display the rate-limit information of all Ethernet ports: TP-LINK(config)# show port rate-limit 115 It ranges from 1 to display the rate-limit information. The port-number of the port selected to 16. By default, the rate-limit information of all ports is displayed.
TL-SG3216 V1 CLI Reference Guide
Page 131
...Priority. By default, information of DSCP Priority. Command Mode Any Configuration Mode Example Display the configuration of QoS for port 5: TP-LINK# show qos port-based 5 show qos dot1p Description The show qos dot1p command is used to display the configuration of QoS based on...TP-LINK# show qos dot1p show qos dscp Description The show qos dscp command is used to display the configuration of all the ports is displayed. Syntax 120 Syntax show qos port-based [interface-num] Parameter interface-num -- show qos port-based Description The show qos port-based command is used to 16...
...Priority. By default, information of DSCP Priority. Command Mode Any Configuration Mode Example Display the configuration of QoS for port 5: TP-LINK# show qos port-based 5 show qos dot1p Description The show qos dot1p command is used to display the configuration of QoS based on...TP-LINK# show qos dot1p show qos dscp Description The show qos dscp command is used to display the configuration of all the ports is displayed. Syntax 120 Syntax show qos port-based [interface-num] Parameter interface-num -- show qos port-based Description The show qos port-based command is used to 16...
TL-SG3216 V1 CLI Reference Guide
Page 141
...ACL will be forwarded to add ACLs and create actions for the data packets those match the corresponding ACL. The destination port ranges from 1 to 16. Specify the local priority for the policy. The data packets those are two options, none and discard. Local Priority ...it is none. The Policy Name, ranging from 1 to 16 characters. The rate of Redirect. The Destination Port of Stream Condition, ranging from 1 to 63. Command Mode Global Configuration Mode Example Add a Policy named policy1: TP-LINK(config)# acl policy policy-add policy1 acl policy action-add Description...
...ACL will be forwarded to add ACLs and create actions for the data packets those match the corresponding ACL. The destination port ranges from 1 to 16. Specify the local priority for the policy. The data packets those are two options, none and discard. Local Priority ...it is none. The Policy Name, ranging from 1 to 16 characters. The rate of Redirect. The Destination Port of Stream Condition, ranging from 1 to 63. Command Mode Global Configuration Mode Example Add a Policy named policy1: TP-LINK(config)# acl policy policy-add policy1 acl policy action-add Description...
TL-SG3216 V1 CLI Reference Guide
Page 142
Syntax acl bind to-port {policy-name} {port} no policy to 16. port -- Command Mode Global Configuration Mode Example Bind policy1 to Port 1,3-5: TP-LINK(config)# acl bind to-port policy1 1,3-5 acl bind to-vlan Description The acl bind to-vlan command is used to bind a policy to -vlan {policy-name} {vlan-id} 131 To ...
Syntax acl bind to-port {policy-name} {port} no policy to 16. port -- Command Mode Global Configuration Mode Example Bind policy1 to Port 1,3-5: TP-LINK(config)# acl bind to-port policy1 1,3-5 acl bind to-vlan Description The acl bind to-vlan command is used to bind a policy to -vlan {policy-name} {vlan-id} 131 To ...