![Tp-Link TL-SG3216 Инструкция по эксплуатации онлайн [168/236] 38897](/img/pdf.png)
Tp-Link TL-SG3216 Инструкция по эксплуатации онлайн [168/236] 38897
![Tp-Link TL-SG3216 Инструкция по эксплуатации онлайн [168/236] 38897](/views2/1042088/page168/bga8.png)
161
¾ 802.1X Authentication Procedure
An 802.1X authentication can be initiated by supplicant system or authenticator system. When the
authenticator system detects an unauthenticated supplicant in LAN, it will initiate the 802.1X
authentication by sending EAP-Request/Identity packets to the supplicant. The supplicant system
can also launch an 802.1X client program to initiate an 802.1X authentication through the sending
of an EAPOL-Start packet to the switch,
This TP-LINK switch can authenticate supplicant systems in EAP relay mode or EAP terminating
mode. The following illustration of these two modes will take the 802.1X authentication procedure
initiated by the supplicant system for example.
(1) EAP Relay Mode
This mode is defined in 802.1X. In this mode, EAP-packets are encapsulated in higher level
protocol (such as EAPOR) packets to allow them successfully reach the authentication server.
This mode normally requires the RADIUS server to support the two fields of EAP: the
EAP-message field and the Message-authenticator field. This switch supports EAP-MD5
authentication way for the EAP relay mode. The following figure describes the basic EAP-MD5
authentication procedure.
Figure 11-18 EAP-MD5 Authentication Procedure
1. A supplicant system launches an 802.1X client program via its registered user name and
password to initiate an access request through the sending of an EAPOL-Start packet to the
switch. The 802.1X client program then forwards the packet to the switch to start the
authentication process.
2. Upon receiving the authentication request packet, the switch sends an EAP-Request/Identity
packet to ask the 802.1X client program for the user name.
3. The 802.1X client program responds by sending an EAP-Response/Identity packet to the
switch with the user name included. The switch then encapsulates the packet in a RADIUS
Access-Request packet and forwards it to the RADIUS server.
4. Upon receiving the user name from the switch, the RADIUS server retrieves the user name,
finds the corresponding password by matching the user name in its database, encrypts the
password using a randomly-generated key, and sends the key to the switch through an
RADIUS Access-Challenge packet. The switch then sends the key to the 802.1X client
program.
Switch
EAPOL-Start
EAP-Request/Identity
RADIUS-Access-Request
EAP-Request
RADIUS-Access-Request
RADIUS-Access-Accept
EAP-Success
EAP-Response/Identity
RADIUS-Access-Challenge
EAP-Response
EAP
EAP
Authentication Server
Supplicant System
Содержание
- Jetstream l2 managed switch 1
- Tl sg3216 tl sg3424 1
- Ce mark warning 2
- Copyright trademarks 2
- Fcc statement 2
- Safety notices 2
- Package contents 8
- Chapter 1 about this guide 9
- Conventions 9
- Intended readers 9
- Overview of this guide 9
- Chapter 2 introduction 13
- Main features 13
- Overview of the switch 13
- Appearance description 14
- Front panel 14
- Rear panel 15
- Chapter 3 login to the switch 16
- Configuration 16
- Chapter 4 system 18
- System info 18
- System summary 18
- Device description 20
- System time 20
- System ip 22
- User config 23
- User manage 23
- User table 23
- Config backup 25
- Config restore 25
- System tools 25
- Firmware upgrade 26
- Access control 27
- Access security 27
- System reboot 27
- System reset 27
- Ssl config 29
- Ssh config 30
- Application example 1 for ssh 32
- Application example 2 for ssh 33
- Chapter 5 switching 36
- Port config 36
- Port mirror 37
- The following entries are displayed on this screen 39
- Port security 40
- Port isolation 42
- Lag table 43
- Static lag 45
- Lacp config 46
- Traffic monitor 48
- Traffic summary 48
- Traffic statistics 49
- Mac address 50
- Address table 51
- Static address 53
- Dynamic address 54
- Filtering address 56
- Chapter 6 vlan 58
- Q vlan 59
- Vlan config 61
- Port config 63
- Configuration procedure 64
- Mac vlan 65
- Configuration procedure 66
- Protocol vlan 66
- Protocol group 69
- Protocol group table 69
- Protocol template 70
- Application example for 802 q vlan 71
- Configuration procedure 71
- Application example for mac vlan 73
- Application example for protocol vlan 74
- Configuration procedure 79
- Chapter 7 spanning tree 80
- Stp config 85
- Port config 87
- Stp summary 87
- Mstp instance 89
- Region config 89
- Instance config 90
- Instance port config 91
- Global configuration procedure for spanning tree function 93
- Port protect 93
- Stp security 93
- Application example for stp function 96
- Tc protect 96
- Chapter 8 multicast 100
- Igmp snooping 102
- Snooping config 103
- Port config 104
- Vlan config 105
- Configuration procedure 107
- Multicast vlan 107
- Application example for multicast vlan 109
- Configuration procedure 109
- Multicast ip 110
- Multicast ip table 111
- Static multicast ip 111
- Multicast filter 112
- Ip range 113
- Port filter 114
- Configuration procedure 115
- Packet statistics 115
- Chapter 9 qos 117
- Configuration procedure 120
- Diffserv 120
- Port priority 120
- Schedule mode 121
- Configuration procedure 122
- Dscp priority 122
- P priority 122
- Configuration procedure 123
- Bandwidth control 124
- Rate limit 124
- Storm control 125
- Voice vlan 127
- Global config 129
- Port config 129
- Oui config 131
- Configuration procedure of voice vlan 132
- Chapter 10 acl 133
- Time range 133
- Time range summary 133
- Time range create 134
- Acl config 135
- Holiday config 135
- Acl create 136
- Acl summary 136
- Mac acl 137
- Extend ip acl 138
- Standard ip acl 138
- Policy config 140
- Policy summary 140
- Action create 141
- Policy create 141
- Binding table 142
- Policy binding 142
- Port binding 143
- Vlan binding 143
- Application example for acl 144
- Configuration procedure 144
- Binding table 147
- Chapter 11 network security 147
- Ip mac binding 147
- Manual binding 148
- Arp scanning 150
- Dhcp snooping 151
- Arp inspection 157
- Arp detect 161
- Arp defend 162
- Configuration procedure 162
- Arp statistics 163
- Dos defend 164
- Choose the menu network security dos defend dos defend to load the following page 165
- Dos attack type description 165
- On this page you can enable the dos defend type appropriate to your need 165
- Table 11 1 defendable dos attack types 165
- Global config 170
- Port config 172
- Radius server 173
- Configuration procedure 174
- Chapter 12 snmp 175
- Global config 177
- Snmp config 177
- Snmp view 178
- Snmp group 179
- Snmp user 180
- Snmp community 182
- Configuration procedure 183
- Notification 184
- Event config 187
- History control 187
- Alarm config 188
- Chapter 13 cluster 191
- Neighbor info 192
- Ndp summary 193
- Ndp config 195
- Device table 196
- Ntdp summary 197
- Ntdp config 198
- Cluster 200
- Cluster summary 200
- Cluster config 201
- Application example for cluster function 203
- Chapter 14 maintenance 206
- Cpu monitor 206
- System monitor 206
- Memory monitor 207
- Local log 209
- Log table 209
- Remote log 210
- Backup log 211
- Cable test 212
- Device diagnose 212
- Loopback 213
- Network diagnose 213
- Tracert 214
- Appendix a specifications 216
- Appendix b configuring the pcs 217
- Appendix c load software using ftp 220
- Configure the hyper terminal 220
- Hardware installation 220
- Download firmware via bootutil menu 222
- Appendix d 802 x client software 225
- Installation guide 225
- Uninstall software 228
- Configuration 229
- Appendix e glossary 233
Похожие устройства
- Hotpoint-Ariston AQSL 85 Инструкция по эксплуатации
- Sony XAV-E622 Инструкция по эксплуатации
- Sony HDR-CX7EK Инструкция по эксплуатации
- Tp-Link TL-SG3210 Инструкция по эксплуатации
- Panasonic TC-14X1 Инструкция по эксплуатации
- Sony CDX-GT29 EE Инструкция по эксплуатации
- Sony HDR-CX700VE Инструкция по эксплуатации
- Tp-Link TL-SL3452 Инструкция по эксплуатации
- Panasonic KX-FT21RS Инструкция по эксплуатации
- Sony CDX-GT35 U Инструкция по эксплуатации
- Sony HDR-CX700E Инструкция по эксплуатации
- Tp-Link TL-SL3428 Инструкция по эксплуатации
- Toshiba GR-H64RD Инструкция по эксплуатации
- Sony CDX-GT454US Инструкция по эксплуатации
- Sony HDR-CX6EK Инструкция по эксплуатации
- Tp-Link TL-SG2424 Инструкция по эксплуатации
- Sony CDX-GT457UE Инструкция по эксплуатации
- Sony HDR-CX690E Инструкция по эксплуатации
- Tp-Link TL-SG2216 Инструкция по эксплуатации
- Beko CE 58100 Инструкция по эксплуатации
Скачать
Случайные обсуждения
Ответы 0
Как через CLI сменить VLAN управления? Через Web Интерфейс это можно, а через CLI?
7 лет назад