Manual TP-Link TL-SG3424P

292 pages 4.93 mb

Download

Go to site of 292

Prev Next

Summary

TP-Link TL-SG3424P - page 1

TL-S G3210/T L - SG3216/ TL - SG34 24/TL - SG3424P JetS tream L2 Managed Sw itch R EV 3.0.0 191001 10 91 ...
TP-Link TL-SG3424P - page 2

COPYRIGH T & TRA DEM ARKS S peci fications are subject to change w ithout n otice. is a registere d tradem ark of TP - LIN K TECHNOLOG IES CO., L TD. Ot her brands and product names are trade marks or registered t rademar ks of their respect ive holder s. No par t of the spe cificatio ns may be repro duced in any form or by any means or used to ...
TP-Link TL-SG3424P - page 3

Safe ty Informati on  When pro duct has power button, the pow er button is one of the way to shut off the prod uct; W hen th ere i s no pow er butt on, the only way to co mpletely shut of f power is t o discon nect the product or the pow er adap ter from the power s ource.  Don ’t disasse mble the pro duct, or make repa irs your self. Y ou ...
TP-Link TL-SG3424P - page 4

CONT ENT S Package Cont ents ............................................................................................................................ 1 Chapter 1 About This Guide ........................................................................................................... 2 1.1 Intended Readers .................................... ...
TP-Link TL-SG3424P - page 5

4.4.1 Access Control .................................................................................................. 32 4.4.2 S SL Config ........................................................................................................ 34 4.4.3 SSH Confi g ................................................................................... ...
TP-Link TL-SG3424P - page 6

Chapter 7 S p anning T ree .............................................................................................................. 88 7.1 STP Co nfig ................................................................................................................... 93 7.1.1 STP Co nfig ........................................................ ...
TP-Link TL-SG3424P - page 7

9.1.1 Po rt Priority ...................................................................................................... 141 9.1.2 DSCP Pr iorit y .................................................................................................. 142 9.1.3 802.1P/CoS mapping ........................................................................ ...
TP-Link TL-SG3424P - page 8

1 1.4.1 Binding T able ................................................................................................... 170 1 1.4.2 Port Binding ..................................................................................................... 171 1 1.4.3 VLAN Bind ing .......................................................................... ...
TP-Link TL-SG3424P - page 9

14.1.3 NDP Config ...................................................................................................... 224 14.2 NTDP .......................................................................................................................... 225 14.2.1 Device T able ................................................................... ...
TP-Link TL-SG3424P - page 10

16.4.2 Tr a cert ............................................................................................................. 258 Ap pendi x A: S pe cifi cati ons ........................................................................................................... 259 Appendix B: Configur ing the PCs ......................................... ...
TP-Link TL-SG3424P - page 11

Package Content s The follow ing items shou ld be found in your box:  One JetStream L2 Managed Sw itch  One power cord  One consol e cable  Two mount ing brackets a nd other fitting s  Installatio n Guide  Resource CD for TL -S G3210/ TL - SG3 216/TL - SG 3424/TL - SG 3424P switch , in clu ding: • This User G uide • The CLI Re ...
TP-Link TL-SG3424P - page 12

Chapter 1 Abo ut This Guide This User G uide cont ains informati on for setup a nd manage ment of TL -S G32 10/TL - SG32 16/ TL - SG342 4/TL - SG34 24P JetS tream L2 Manage d Switch. Please read t his guide carefully before operation. 1.1 Intende d Reade rs This Guide is intended for networ k managers famil iar with IT concept s and netw ork termin ...
TP-Link TL-SG3424P - page 13

Chapter Introduction Chapter 3 Login to the Sw itch Int roduces how t o log on to the Web management p age. Chapter 4 Sys tem This module is used to c onfigure sy stem properti es of the switc h. Here mainly introdu ces:  Sys tem Info : Con figure the descr iption, sy stem ti me and networ k para meters of the sw itch.  User Manag e ment : Co ...
TP-Link TL-SG3424P - page 14

Chapter Introduction Chapter 9 QoS This module is u sed to config ure QoS funct ion to provide dif ferent quality of s ervice for various netw ork applic ations and require ments. Here mainly introduces:  Diff Serv: Confi gure priorities, port priori ty , 802.1P priority and DSCP prior ity .  Bandwid th Contr ol: Confi gure rate lim it featur ...
TP-Link TL-SG3424P - page 15

Chapter Introduction Chapter 14 Cluster This modu le is used to configure c luster funct ion to central ma nage the scatter ed devices in t he network. Here mainly intr oduces:  NDP : Con figu re ND P funct i on to get the information of the directly connected neighbor dev ices.  NTDP: Con figure N TDP f unction for t he command er switch t o ...
TP-Link TL-SG3424P - page 16

Chapter 2 Introduction Thanks for choosing t he TL -S G32 10/TL - SG3216 /TL - SG3424/T L - SG 3424P Je tS tream L2 Managed Sw itch ! 2.1 Over vie w of the Swi tch Designed for workgroup s and department s, TL - S G3210/TL - SG3216/ TL - SG 3424/TL - SG 3424P fr om TP - LIN K provides w ire - speed p erformanc e and full set o f layer 2 mana gement ...
TP-Link TL-SG3424P - page 17

+ Support s T elnet, CLI, S NMP v 1/v2c/v 3, RMON and web acc ess. + Port Mirror ing enables mo nitoring sel ected ingres s/egress tr affi c. + Simple Network and M anagement Protocol ( SNMP) can be c onfigured ov er IPv6 t ransport . + IPv6 support s statele ss autocon figuration to m anage link, subn et, and site addres sing changes . + DHCPv6 en ...
TP-Link TL-SG3424P - page 18

 SFP Por t s: Desig ned to install the SFP module. TL - SG32 16 / TL - SG3424 / TL - SG342 4P switch features so me SFP transceiv er slot s that are shar ed with the a ssociate d RJ45 p ort s. The associate d two port s are referred to as “ Comb o ” ports, which mean s they cannot be used simult aneously , otherwise only SF P port s wor k. T ...
TP-Link TL-SG3424P - page 19

When the S peed LE D is on, the port LED is indicatin g the dat a transmiss ion rate. Na me S ta t u s Indicat ion Power On The switch is pow ered on. Off The switch is p owered off or pow er supply is abn ormal. Fl ashin g Power su pply is abnorm al. Sys tem F lashi ng The switch wor ks properly . On/Off The switch wor ks improper ly. 10/100/1 000 ...
TP-Link TL-SG3424P - page 20

 Grounding T e rminal: The switch alrea dy comes with Lightning Prot ection Mecha nism. Y ou can also gr ound the swit ch through th e PE (Prote cting Eart h) cable of AC c ord or with Gr ound Ca bl e.  A C Pow er Soc ket: Con nect the female co nnector of the pow er cord here, and t he male con nector t o the AC po wer outlet. M ake sure th ...
TP-Link TL-SG3424P - page 21

Chapter 3 Login to the Switch 3.1 Login T o access the configura tion utility , open a web - brow ser and ty pe in the default ad dress http:/ /192.168.0.1 in the a ddress fiel d of the browser , then press t he Enter k e y. Figure 3-1 W eb - browser Tips : T o log in to the switch , the IP address of y our PC shou ld be set in the sa me subnet add ...
TP-Link TL-SG3424P - page 22

No te: Clic king Apply can only make the new con figurati ons ef fective befor e the switch is reboot ed . If you want to keep the configurat ions ef fective ev en the switch is reboot ed, please cl ick Sav e Con fig . Y ou are suggested to click Sav e Config before cutt ing off the po wer or reboot ing the switch to av oid losing the new configura ...
TP-Link TL-SG3424P - page 23

Chapter 4 System The Sys tem m odul e is main ly for syst em configur ation of the s witch, in cluding four su bmenus: System Info , User Manage ment , System T ools and A ccess Security . 4.1 System I nfo The S yste m Info, mainly for basic propert ies conf i guration , can be imple mented on Sy stem Summary , Device Descri ption , System Time , D ...
TP-Link TL-SG3424P - page 24

Indicates t he SFP por t is not conn ected to a devic e. Indicates t he SFP por t is at the speed o f 1000Mbp s. Indicates t he SFP por t is at the speed o f 100Mbp s. When the cur sor move s on the port, the det ailed inf ormation of the p ort will be display ed . Fi gure 4-2 P ort Infor mation  Port Info Po rt: Disp lays the port nu mber of th ...
TP-Link TL-SG3424P - page 25

 Bandwidth Utiliza tion Rx: Select Rx to d isplay the bandwi dth uti lization of rec eiving pac ket s on this port . Tx: Select Tx to d isplay the bandw idth ut ilization o f sending p acket s on this port . 4.1.2 Device Descrip tion On this page you can configure the description of the switch, includi ng dev ice nam e, dev ice location and syst ...
TP-Link TL-SG3424P - page 26

Choose the menu Sys te m → System Info → System T ime to load the foll owing p age. Fi gure 4-5 System T ime The following entries ar e displayed o n this screen:  Time Info Current System Da te: Displays the current date and time of the sw itch. Current Time Sou rce : Displays the current ti me Source of the sw i tch.  Time Config Manu a ...
TP-Link TL-SG3424P - page 27

Choose the menu Sys te m → System Info → Day l ight Sa ving T ime to load the follow ing pa ge. Figure 4-6 Daylight Savin g Ti me The follow ing entries are disp layed on t his screen:  DST Co nfig DST St atus : Enable or dis able the DST . Predef ined Mo de : Select a pred efined DST config uration :  USA : Sec ond S unda y in March , 02 ...
TP-Link TL-SG3424P - page 28

No te: 1. W he n the DST is disab led, the predefined mode, recurri ng mode and date mode can not be configured. 2. When the DST is e nabled, t he default daylight saving time is o f Europe in pre define d mode. 4.1.5 System IP Each device in the netw ork possesses a unique IP Address. Y ou can log on t o the Web manage ment pag e to ope rate the s ...
TP-Link TL-SG3424P - page 29

3. If the switch get s the IP address from DH CP serv er , you can see the configuratio n of the switch in the DHCP server ; if DHCP option is s elected but no DHCP serv er exists in the networ k, a few minutes l ater , the switch w ill restore the sett ing to the defau lt . 4. If DHCP or BOOTP option is selec ted, the switch w ill get network p ar ...
TP-Link TL-SG3424P - page 30

6. Enha nced n eighb or discov ery mechanis m: Th e IPv6 neighbor disc overy pr otocol is a group of Inter net control messa ge protocol v ersion 6 (ICMPv 6) messages that manages the informati on exchange be tween neighbor no des on the same lin k. The group of ICMPv 6 messages t akes the pl ace of Addres s Resolutio n Protocol (A RP) message, Int ...
TP-Link TL-SG3424P - page 31

 Multicast addr ess: An identifier for a set of interfaces (typically belon ging to dif ferent node s), similar to an IPv 4 multic ast address. A packet se nt to a multicas t address is delivered t o all interface s identif ied by that address. Ther e are no broad cast addres ses in I Pv6. Their function is su perseded by multicast addr esses. ? ...
TP-Link TL-SG3424P - page 32

For all IEEE 8 02 interface types (for exa mple, Ether net and FD DI interfaces) , Int erface IDs in the modified EUI - 6 4 format are constructed in t he following w ay: T he firs t thre e octets (2 4 bit s) are ta ken from the O rganizat ionally Uniq ue Identi fier (OUI) of t he 48 - bit l ink - lay er address (the M AC addres s) of the interface ...
TP-Link TL-SG3424P - page 33

Figure 4-9 Link - local Addres s Format IPv6 dev ices must not forwar d packet s that h ave link - local source or destinat ion addr esses to other lin ks. No te: Y ou can configure mult iple IPv 6 addresses per inter face, but only one lin k - local addre ss.  IPv6 Neig hbor Discov ery The IPv6 neighb or discov ery process uses I CMP messages a ...
TP-Link TL-SG3424P - page 34

Neighbor R eachabil ity Detecti on After node A acquires t he link - layer address of it s ne ighbor node B, nod e A can v erify whether node B is reacha ble accor ding to NS and NA messages.  Node A sends an NS m essage whos e destination a ddress is the I Pv6 addres s of node B.  If node A receives an NA message from node B, node A consider ...
TP-Link TL-SG3424P - page 35

RAs are also sent in resp onse to dev ice solicit ation messages. D evice soli c itation messa ges, which hav e a value of 133 in t he T ype field of the ICMP packet header , are sent by hosts at system st artup or anytime neede d so that the host can imme diately autoc onfigure w ithout needing t o wait for the next scheduled RA message. Hosts dis ...
TP-Link TL-SG3424P - page 36

Y ou can configure the sy stem ’ s admin istrative IPv 6 address on this p age. Choose the menu Sys te m → System Info → Sy stem IP v6 to load the follow ing page. Figure 4- 10 System IP v6 The follow ing entries are disp layed on t his screen:  Global Config IPv6 : Enable/D isable IPv6 func tion globa lly on the s witch .  Link - lo ca ...
TP-Link TL-SG3424P - page 37

S ta t u s : Displays the status o f the link - local address .  No rma l: Indicates that the link - local address is normal.  Tr y : Indicates that t he link - local address may be new ly configured .  Repeat: Ind icates that th e link - loca l address is dupli cate. It is illegal to ac cess the switch us ing the IPv6 ad dress(inc luding ...
TP-Link TL-SG3424P - page 38

S ta t u s : Displays t he status o f the global addre ss .  No rma l: Indicates that the global ad dress is nor mal.  Tr y : Indicates that t he global address may be new ly configured.  Repeat: Indic ates that the correspond ing address i s duplic ate. It is illegal to acce ss the sw itch using this addr ess. Tips : After adding a global ...
TP-Link TL-SG3424P - page 39

Choose the menu Sys te m → User Manag e men t → User Confi g to load the following p age. Fi gure 4- 12 Us er Con fig The follow ing entries are disp layed on t his screen:  User Info User Name: Create a name for users ’ login. Access Lev el: Select th e access level to login.  Admin: Ad min can edit, modify and view all the sett ings o ...
TP-Link TL-SG3424P - page 40

4.3 System T o ols Th e Sys tem T ool s f uncti on , allowing you to manag e the configurat ion file of the switch, can be impleme nted on Config Resto re , Config Backup , Firmware Upgrade , System Reb oot and Syst em Reset p ages. 4.3.1 Config Rest ore On this p age you c an upload a b ackup conf iguration fil e to restore y our switc h to this p ...
TP-Link TL-SG3424P - page 41

Choose the menu S yst e m → System T ools → Confi g Backup to load the following p age. Fi gure 4- 14 Conf ig B ackup The follow ing entries a re display ed on t his screen:  Con fig Ba ckup Backu p Confi g: Clic k t he Backup Con fig button to sav e the current conf iguration as a file to your computer . Y ou are suggested to t ake this mea ...
TP-Link TL-SG3424P - page 42

4.3.4 System Reboot On this pag e you can reboot t he switch and return to the login pag e. Please sa ve the current configurat ion before re booting to av oid los ing the co nfiguration uns aved Choose the menu Sys te m → System T ools → System Reboot to load the follow ing page. Fi gure 4- 16 Syste m R eboot No te: T o avoid damag e, please d ...
TP-Link TL-SG3424P - page 43

Choose the menu Sys te m → A ccess Security → Access Control to load the follow ing pa ge. Fi gure 4- 18 Access Contr ol The follow ing entries are disp layed on t his screen:  Access Control Config Control Mode: Select the cont rol mode for users to log on to the Web manage ment page.  IP - based: Select this opt ion to limit the I P - r ...
TP-Link TL-SG3424P - page 44

 Sessi on Config Sessi on Ti meout : If you do nothing wit h the Web manage ment p age within the timeout ti me, the system w ill log out automat ically . If you want to reconfigure, please logi n again.  Access Us er Number Nu mber Control ； Select Enab le/Disab le the Number Control funct ion. Adm in Number : Enter the maximum nu mber of ...
TP-Link TL-SG3424P - page 45

Choose the menu S yst e m → A ccess Sec urity → SSL Confi g to load t he following p age. Fi gure 4- 19 SSL Conf ig The follow ing entries are disp layed on t his screen:  Global Co n f ig SSL : Select Enable/Dis able the SS L function on t he switch.  Certificate D o wnl oad Certific ate File: Select the de sired certi ficate to downl oa ...
TP-Link TL-SG3424P - page 46

an insecure netw ork environ ment. It can encry pt all the transmission dat a and prevent the inf or mation in a remote manag ement being leak ed. Compris ing server and cli ent, SSH has two v ersions, V1 and V2 wh ich are not co mpatib le with each other . In the communication, S SH server and client can auto - negot iate the SSH v ersion and the ...
TP-Link TL-SG3424P - page 47

 Ke y Dow nloa d K ey T yp e : Select the t ype of SSH Key t o down load. The s witch support s three ty pes: SSH - 1 RSA, S SH - 2 RSA and SSH - 2 DSA. Key File: Select t he desired key file to downlo ad. Dow nload : Cli ck the Downl oad butt on to down lo ad the des ired key file to the switch. No te: 1. Please e nsure t he key length of the d ...
TP-Link TL-SG3424P - page 48

2. Cli ck t he Open button in the abov e figure t o log on to t he switch. Ent er the login user na me and passw ord, and then y ou can cont inue to configur e the switch. A ppl ication Example 2 f or SSH :  Network R equireme nts 1. Log on t o the switch via p assword aut henticat ion using S SH and the SSH fun ction is ena bled on the switch. ...
TP-Link TL-SG3424P - page 49

2. Aft er the key is successf ully generate d, pleas e save the pub lic key and privat e key to the computer . 3. On the W eb manage ment p age of the switch, download the pub lic key file saved in t he computer to t he switch. Note: 1. The key t ype should acc ord with the t ype of the key file. 2. The SSH key downloa ding cannot be interr upted. ...
TP-Link TL-SG3424P - page 50

4. Aft er the public key is downloaded, please l og on to the interface of PuTTY and enter the IP address for l ogin. 5. Clic k Brow se to down load t he private key file to SSH client software a nd click Open . 40 ...
TP-Link TL-SG3424P - page 51

After successfu l authent ication, ple ase enter t he login us er name. If you log on to t he switc h without enter ing pas sword , it indicates that the key has bee n successfu lly downloade d. No te: Following the st eps abov e, you hav e already entere d the User EXEC Mo de of the switc h. However , to configur e the switch, you need a p assword ...
TP-Link TL-SG3424P - page 52

Chapter 5 Switching Switching module is used to configure t he basic func tions of the switch, includin g four submenus : Port , L AG , T raffic Mon itor and M AC Ad d r es s . 5.1 Port The Port funct ion, allowin g you to configur e the basic featur es for the port , is implemented o n the Port Config , Port M irror , Port S e curity , Port Isolat ...
TP-Link TL-SG3424P - page 53

Port : Displays the port number . Descrip tion : Give a descri ption to the por t for identificat ion. S ta t u s : Allows you t o Enab le/Disable th e po rt. W hen E nabl e is selected, t he port can for ward the p ackets normally . Spe ed and D uplex : Select the S peed a nd Duplex mode for the por t. The dev ice connected to the switc h should b ...
TP-Link TL-SG3424P - page 54

Choose the menu Switc hing → Port → Port Mirror to load the f ollowing p age. Figure 5-2 M irro r Group List The following entries are displayed on t his screen.  Mirror Group Li st Grou p: Displays the mirror grou p number . Mirroring: Dis pla ys the mirror ing port num ber . Mode : Dis plays the mirror mode , the value will be "Ingr e ...
TP-Link TL-SG3424P - page 55

Clic k Edit to display the following fi gure. Figure 5-3 Port Mirror Confi g The follow ing entries are displayed on thi s screen.  Mirror Group Nu mbe r: Select the mirror group numb er you want t o config ure .  Mirroring Port Mirroring Port : Select the mirroring port number .  Mirrored Port Port Select : Click the Sele ct button to qui ...
TP-Link TL-SG3424P - page 56

Eg ress: Select Enab le/Disab le the Egress feature. W he n the Egre ss is enabled, the outgoing p ackets sent by the mirrore d port will be copied to the mirroring por t. L AG : Displays the LAG numbe r which the port bel ongs to. The LAG member cannot be selected as the mirror ed port or mirrorin g port. No te: 1. The LAG mem ber cann ot be selec ...
TP-Link TL-SG3424P - page 57

Choose the menu Switc hing → Port → Port Security to load the following page. Figure 5-4 P ort Securit y The following entries are displayed on t his screen:  Port Security Select : Select the d esired port for Port Sec urity config uration. I t i s mul ti - op tion al. Port : Displays the port number . Max Lea rned M A C : S pecify the max ...
TP-Link TL-SG3424P - page 58

No te: 1. The Port Security functio n is disabled for t he LAG por t member . Only the port is removed from the LAG , will the Port Sec urity function be av ailable for t he port. 2. The Port Security funct ion is disab led when the 802. 1X function is ena bled. 5.1.4 Port Isolat ion Port Isolati on provides a method of restrict ing traf fic flow t ...
TP-Link TL-SG3424P - page 59

 Port Is olation List Port : Display t he port number . Forwar d Portl ist : Display the F orward Port l ist . 5.1.5 Loopback D etection With loopbac k detection f eature enabl ed, the switc h can det ect loops using loopback detect ion pac kets. W he n a loop i s detected, the switch w ill display an a lert or f urth er bl ock the co rres pondi ...
TP-Link TL-SG3424P - page 60

The following entries are displayed on t his screen:  Global Config Loopbac kDetectio n S ta t u s : Here you can en able or disab le Loopback Detection funct ion globally . Detection Inte rval : Set a L oopback Det ection inter val between 1 and 1 000 seconds. By defa ult , it ’ s 30 secon ds . Automatic Recovery Tim e : T ime a fter whic h t ...
TP-Link TL-SG3424P - page 61

For the m ember port s in an ag gregatio n group, the ir basic con figurat ion must be t he same. T he basic conf iguration i ncludes STP , QoS , GV RP , VL AN , po rt attributes , MAC A ddress Learni ng mode and oth er a ssociate d settings. More d eta ils are explained b elow :  If the port s, which are ena bled for the GVRP , 802 .1Q VL A N , ...
TP-Link TL-SG3424P - page 62

The following entries are displayed on t his screen:  Global Co nfig Hash A lgorit hm : Select the app lied scope of Aggregate Arit hmetic, w hich result s in choosing a port to transf er the pac kets. • SRC MA C + DST MA C: When this opt ion is selected, the Aggregat e Arithm etic will app ly to the source and destinatio n MAC address es of t ...
TP-Link TL-SG3424P - page 63

Choose the menu Switc hing → L AG → St atic LAG to load the following p age. Figure 5-8 St a t i c L A G Co nfig The following entries are displayed on t his screen:  LAG Config Grou p Number : Select a Group Number fo r the LAG . Descrip tion : Give a descri ption to the LAG for identificat i on.  LAG T able Member Port : Select the port ...
TP-Link TL-SG3424P - page 64

group. In an aggre gation group, the port w ith smaller port prior ity will be consider ed as the preferred on e. If the tw o port priorities are e qual; the por t with smaller p ort number is preferred. After an aggregation gro up is establ ished, the selec ted port s can be aggregated t ogether as one port to tra nsmit p ackets. On this pa ge, yo ...
TP-Link TL-SG3424P - page 65

Select : Select the des ired port for LACP con figurat ion. It is multi - option al. Port : Displays the por t number . Adm in Key : S pecify an Admin Key for the por t. The member port s in a dynamic aggregatio n group must have the sam e Admin Key . Port Priority : S pecify a Port Pr iority for t he port. This v alue deter mines the pr iority of ...
TP-Link TL-SG3424P - page 66

Choose the menu Switc hing → T raffic Mon itor → T ra ffic Summary to load the followi ng page. Figure 5- 10 T raffic Summary The following entries are displayed on t his screen:  Auto Refresh Aut o Refresh : Allows you t o Enab le/Disable re freshing t he T raffic S ummary automati cally . Refresh Ra te : Enter a value in seconds to s pecif ...
TP-Link TL-SG3424P - page 67

St atistics : Click the St a tistics button to view the det ailed traff ic stat istics of the port. 5.3.2 T raffic St atistics T raf fic S tatist ics scree n displays t he deta iled traf fic information of each p ort, whic h facilit ates you to monitor the t raf fic and locate fau lts prom ptly . Choose the menu Switc hing → T raffic Mon itor → ...
TP-Link TL-SG3424P - page 68

transmitt ed on the port. The error frames are not co unted in. Mult icast : Displays the number of go od multicast p acket s recei ved or transmitt ed on the port. The error frames are not co unted in. Unicast : Displays the number of go od unicast p acket s received or transmitt ed on the port. The error frames are not co unted in. Alignment Erro ...
TP-Link TL-SG3424P - page 69

T able 5-1 T ypes and fe atures of Address T able This function inc ludes four subme nus: Address T able , St atic A ddress , Dynami c Address and Filte ring A ddress . 5.4.1 Address T able On this pa ge, you can v iew all the infor mation o f the Add ress T able. Choose the menu Switc hing → M AC Ad d re s s → Address T able to load the follow ...
TP-Link TL-SG3424P - page 70

 Dynami c: This option all ows the addr ess tab le to display the dynamic a ddress entrie s only .  Filterin g: This opt ion allow s the address t able to dis pla y the filtering ad dress entries o nly .  Address T able M AC Ad d r es s : Displays the MAC addres s learned by the switch. V L AN ID : Displays the cor respondin g VLAN ID of t ...
TP-Link TL-SG3424P - page 71

V L AN ID : Enter the corres ponding VLA N ID of the MAC ad dress. Port : Se lect a port from the p ull - dow n list to be bound.  Search Opti on Search Opti on : Select a Search Opt ion from t he pull - down l ist and click the Search button to find y our desired entry in t he S tat ic Address T able. • M AC : Enter t he MAC addr ess of your ...
TP-Link TL-SG3424P - page 72

Choose the menu Switc hing → M AC Ad d re s s → D ynami c A ddress to load the fo llowing pa ge. Figure 5- 14 Dynam ic A ddres s The following entries are displayed on t his screen:  Agi ng Config Aut o A ging : Allows you t o Enable/Disa ble the Auto Aging feat ure. Agi ng Ti me : Enter the Aging T ime for the dy namic addre ss.  Search ...
TP-Link TL-SG3424P - page 73

 Dynami c Addr ess T able Select : Select the ent ry to delete the dy namic address o r to bind the MA C address t o the correspond ing port st atically . It is mult i - optiona l. M AC Ad d r es s : Displays the dynamic M AC Addre ss. V L AN ID : Displays the cor respondin g VLAN ID of the M AC address. Port : Di splays the cor respondin g port ...
TP-Link TL-SG3424P - page 74

Choose the menu Switc hing → M AC Ad d re s s → F ilt ering A ddress to load the follow ing pa ge. Figure 5- 15 Filteri ng Addres s The following entries are displayed on t his screen:  Create Filtering A ddress M AC Ad d r es s : Enter the MA C Address to be filter ed. V L AN ID : Enter the corres ponding VLA N ID of the MAC ad dress.  S ...
TP-Link TL-SG3424P - page 75

No te: 1. The MA C address in th e Filter ing Addres s T able cannot be added t o the S tati c Address T able or bound to a por t dynami cally . 2. This MA C address filter ing funct ion is not availab le if the 802.1X feature is en abled. Return to CONTEN TS 65 ...
TP-Link TL-SG3424P - page 76

Chapter 6 VLAN The tradition al Ethernet is a dat a networ k communicat ion technology based on CSMA/CD (Carrier Sense Mu ltiple Access/ Collis ion Detect) via shared comm unication medi um. Throug h the traditiona l Ethernet, the over full hosts i n LAN will r esult in s erious collis ion, floodin g broadcas ts, poor perfor mance or even brea kdow ...
TP-Link TL-SG3424P - page 77

packe ts o f dif ferent VLA Ns. The sw itch can ana lyze t he received unt agged pac kets o n the port and match the pac kets w ith the MA C VLAN, Prot ocol VLA N and 802.1Q VLA N in turn. I f a pac ket is matched, t he switch will add a correspon ding VLAN tag to it and forward it in the corresponding VLAN. 6.1 802.1Q VL A N VLAN ta gs in the p ac ...
TP-Link TL-SG3424P - page 78

（ 2 ） TRUNK: The TRUNK port c an be added in multiple VLAN s, and the egres s rule of the p ort is T AG . The TRUNK port i s generally used to con nect t he casc aded netw ork devices for it can receiv e and forwar d the p acket s of multi ple VL ANs. W hen t he p acket s are forwar ded by the T RUNK port , its VL AN tag wil l not be change d. ...
TP-Link TL-SG3424P - page 79

IEEE 802.1Q VLAN funct ion is imple mented on the VLA N Config and Port Conf ig p ages. 6.1.1 VLAN Config On this pa ge, you can v iew the cur rent created 80 2.1Q VLAN. Choose the menu VL AN → 802.1Q VLA N → VLAN C onfig to l oad the follo wing p age. Figure 6-3 VLAN T abl e T o ensure the nor mal comm unication o f the factory switch, t he de ...
TP-Link TL-SG3424P - page 80

Clic k Edit button to modify t he settings of the c orrespond ing VLAN. Cl ick Create button to create a new VLA N. Figure 6-4 Create or Mo dify 802.1Q VL AN The following entries are displayed on t his screen:  VLA N Config VLA N ID: Ent er the ID number of VLAN. Descrip tion: Give a descri ption to the VL AN for identi fication. Check: Cl ick ...
TP-Link TL-SG3424P - page 81

Link T ype: Displays the Link T ype of the port. It can be reset on Port Config screen. Eg ress Rul e: Select the E gress Rule for the VLAN port member . The default egress rule i s UNT AG . • T AG: A ll packe t s forwarded by the port are t agged. The pac kets cont ain VL AN informat ion. • UNT AG: Pac kets forwar ded by the port are unt agged ...
TP-Link TL-SG3424P - page 82

Link T ype: Se lect the Lin k T ype from the pull - down list for the por t. • ACC ESS: Th e ACCES S port can be added i n a single VLAN, and the egress rule of the port is UNT AG . The PVID is sa me as the current VLAN ID. If the current VLA N is deleted, t he PVID will be s et to 1 by defau lt. • TRUNK: The TRU NK port can be added in multipl ...
TP-Link TL-SG3424P - page 83

Step Ope ration Description 3 Modify/ View V LAN. Optional. On the V L AN → 802.1Q VLA N → VLA N C onf ig page, click the Edit/Detail butt on to modi fy/v iew the information o f the correspond ing VLAN. 4 Delete VLA N Optional . On the V L AN → 802.1Q VLA N → VLA N C onf ig page, select the des ired entry to delete the corr espondi ng VLAN ...
TP-Link TL-SG3424P - page 84

The following entries are displayed on t his screen:  VLA N T able M AC Ad d r es s : Enter t he MAC address. Descrip tion: Give a descri ption to t he MAC address f or identificat ion. VLA N ID: Enter the ID nu mber of the MAC VLAN. Th is VLAN shoul d be one of the 802.1Q VLA Ns the ingres s port belongs t o.  M AC V L AN T ab l e MAC Select ...
TP-Link TL-SG3424P - page 85

the dat a of specific protocol ca n be automati cally assigned to t he correspondin g VLAN for transmis sion. T he network admin istrator can man age networ k clients base d on their specific applicatio ns and serv ices through prot ocol VL AN.  Enca ps ulation Form at of Et hernet D at a This section si mply intro duces the comm on used enca ps ...
TP-Link TL-SG3424P - page 86

 The Proced ure for the S witch to Identi fy Packet Prot oco l  The Im pleme ntat ion of P rotoc ol VLA N This switch can match pac kets through pr otoco l templat e and tran smit pa ckets in t he specific VLAN accord ing to the protocol. Protocol t emplate, compris ing encap sulation for mat and prot ocol type, is the standar d to deter mine ...
TP-Link TL-SG3424P - page 87

The packet i n Protocol VL AN is process ed in the follow ing way: VLA N packets are proce ssed i n the foll owing way : 1. When re ceiving an unt agged packet, the switch matches the pac ket with the c urrent Protoc ol VLAN. If the pac ket is matched, the sw itch will add a correspond ing Protocol V LAN tag to it. If no Protocol VL AN is matched, ...
TP-Link TL-SG3424P - page 88

Choose the menu VL AN → Protoc ol VLA N → Protocol Group to load t he followin g page. Figure 6-9 Create Protoco l VLAN The following entries are displayed on t his screen:  Protoc ol Group Co nfig Protoc ol: Select the de fined protoco l templa te . VLA N ID: Enter the ID nu mber of the Prot ocol VLAN. Th is VLAN should be o ne of the 802.1 ...
TP-Link TL-SG3424P - page 89

The follow ing entries are displayed on thi s screen:  Create Prot ocol T emplate Protoc ol Name: Give a na me for the Proto col T emplate. Ether T ype: Enter the Eth ernet protoc ol type field in the pr otocol t emplate. Frame T ype: Select a Fra me T ype for the Protoc ol T empla te.  Protoc ol T emplate T able Select: Select the des ired e ...
TP-Link TL-SG3424P - page 90

 Switch B is co nnecting t o PC B and Server A;  P C A and Server A i s in the s ame VLAN;  PC B and Server B is in the sa me VLAN;  PCs in the two VL ANs cannot co mmunicat e with each other .  Network Di agram  Confi gurati on Proced ure  Configur e Switc h A Step Ope ration Description 1 Configur e the Li nk T ype of th e po ...
TP-Link TL-SG3424P - page 91

6.5 Applic ation Exa mple for M A C V L AN  Network R equireme nts  S w i t c h A and switch B are conne cted to meeti ng room A a nd meeting roo m B respect ive ly , and the two r ooms are for all dep artment s;  Noteboo k A an d Noteb ook B, special for meeting roo m, are of two dif ferent depart ments;  The two dep artment s are in V ...
TP-Link TL-SG3424P - page 92

 Configur e Switch B Step Ope ration Description 1 Configur e the Li nk T ype of the ports Required. On VL AN → 802.1Q VLA N → Port Conf ig page, configure the link type of Port 21 and Port 22 as GENERAL and TRUNK respect ively . 2 Create VLAN10 Required. On VL AN → 802.1Q VLA N → VLA N Confi g page , cre ate a VLAN w ith it s VLA N ID a ...
TP-Link TL-SG3424P - page 93

 Network Di agram  Confi gurati on Proced ure  Configur e Switc h A Step Ope ration Description 1 Configur e the Li nk T ype of the ports Required. On VL AN → 802.1Q VLA N → Port Conf ig page, configure the link type of P ort 1 1 a nd Port 13 as ACCE SS, and configur e the link type of Port 12 as G ENER AL. 2 Create VLAN10 Required. On ...
TP-Link TL-SG3424P - page 94

Step Ope ration Description 4 Create Prot ocol T em pla te Required. On V L AN → Protoc ol VLA N → Pro tocol T e mplate p age, conf igu re the protoco l template pr actically . E.g. the IP network pac kets are enc apsul ated in Ethernet II format and it s Ether T ype is 0800; the AppleT alk network pac ket s are encap sulated in S NAP for mat a ...
TP-Link TL-SG3424P - page 95

• Join Ti mer: To t ransmit the Joi n messages r eliably to other entities, a GARP entity s ends each Join mess age two times. The Joi n timer is used to define the int erval between the two sending oper ations of eac h Join messa ge. • Leave Timer : When a GARP ent ity expects to der egister a piece of att ribute infor mation, it sends out a L ...
TP-Link TL-SG3424P - page 96

Choose the menu VL AN → GVRP to load the following p age. Figure 6- 11 GV RP Co nfig No te: If the GVRP feature i s enabled for a member por t of LAG , please ensure all t he member por ts of this LAG are set to be in the sa me stat us and registr ation mode. The follow ing entries are displayed on thi s screen:  Global Co nfig GVRP: Allows yo ...
TP-Link TL-SG3424P - page 97

• Forbi dden: I n this mode, a port cannot register/der egister VLANs. I t only prop agates VLA N 1 informati on. LeaveA ll T imer: Once the L eaveAll T imer is set, t he port with GV RP enab led can sen d a LeaveAll messa ge after the timer times out , so that other GARP ports c an re - register al l the attr ibute information. After that, the L ...
TP-Link TL-SG3424P - page 98

Chapter 7 S p anning T ree STP (S pannin g Tr ee Protocol), subject to I EEE 802.1D standard, is to disbranch a ring netw ork in the Data Lin k l ayer in a local network. Devices running STP discover loops in the net work and block ports by exchanging information, in that way , a ring network can be disbranched to for m a tree - topological ring - ...
TP-Link TL-SG3424P - page 99

Figure 7-1 Basic ST P diagr am  STP T imer s Hello T ime: Hello T ime ranges fro m 1 to 10 seconds. It specifie s the interv al to send BP DU p ackets. It is used to test the link s. Max. Age: Max. Age ra nges from 6 t o 40 seconds. It specifies the maximu m time the sw itch can wait wit hout receiving a B PDU before attempting to r econfigur e. ...
TP-Link TL-SG3424P - page 100

 Compar ing BPDUs Each switch s ends out co nfiguration BPDUs and re ceives a conf iguration B PDU on one o f its por ts from another switch. The follow ing tab le shows the c ompar ing operat ions. Step Ope ration 1 I f the priority of the BP DU received on the port is lower than that of the BPDU if of the port it self, the switc h discards the ...
TP-Link TL-SG3424P - page 101

 The condit ion for the root port to transit it s port st ate rapidly: The old root port of the switch stops forw arding dat a and the desig nated port of the ups tream switc h begins to forw ard data.  The condit ion for the designated por t to transit it s port st ate rapidly: The des ignated port is an edge port or connecti ng to a point - ...
TP-Link TL-SG3424P - page 102

The follow ing figure show s the netw ork diagram in M STP . F igure 7-2 Basic M STP diag ram  M STP MSTP divides a netw ork into sever al MST r egions. The C ST is gener ated betw een these MST regions, and multiple sp anning trees can be ge nerated in e ach MST region. Each sp annin g tre e is called an ins tance. As well as S TP , MSTP uses B ...
TP-Link TL-SG3424P - page 103

The follow ing diagram sh ows the dif ferent port roles. Figure 7-3 P ort roles The S panni ng T ree module is m ainly for sp anning tree conf iguration o f the sw itch, includi ng four submenus: STP Config , Port Config , MSTP I nsta nce and STP Security . 7.1 STP Config The STP Config funct ion, for global conf iguration of sp anning tr ees on th ...
TP-Link TL-SG3424P - page 104

Choose the menu Sp anni ng T ree → STP Config → STP Config to load t he following p age. Figure 7-4 S TP Conf ig The follow ing entries are disp layed on t his screen:  Global Co nfig STP: Select Enable/Dis able ST P funct ion globally on t he switch. V ersio n: Select the des ired STP vers ion on the switch.  STP: S panning T ree P roto ...
TP-Link TL-SG3424P - page 105

Max Hops: Enter a value fro m 1 to 40 to set the maximum nu mber of h ops that occur in a spec ific region befor e the BPDU is discarde d. The default v alue is 20 hop s. No te: 1. The forwar d delay paramet er and the net work diameter are corre lated. A too small forw ard delay p arameter may result in te mporary loops. A too large forw ard delay ...
TP-Link TL-SG3424P - page 106

Choose the menu S pa nning T ree → STP Co nfig → STP Summary to load t he following p age. Figure 7-5 S TP Summary 7.2 Port Co nfig On this page y ou can configure the parameters of the port s for CIST 96 ...
TP-Link TL-SG3424P - page 107

Choose the menu S pa nning T ree → Port Config to load the followin g page. Figure 7-6 P ort C onfig The follow ing entries are disp layed on t his screen:  Port Config Port Select : Clic k t he Select butt on to quic k - select the c orrespond ing port base d on the port nu mber you enter ed. Select: Select the desire d port for STP conf igur ...
TP-Link TL-SG3424P - page 108

 Desig nated Port: I ndicates the port that forwards pac kets t o a downstrea m networ k segment or swit ch.  Master Port: Indic ates the por t that co nnects a MST regio n to the common r oot. The p ath from th e master port to the common r oot is the shortest p ath between this MST region an d the common root.  Alternate Por t: Indicat e ...
TP-Link TL-SG3424P - page 109

Choose the m enu S pa nning T ree → MSTP Inst ance → Re gion Co nfig to lo ad the follow ing page . Figure 7-7 Regio n Con fig The follow ing entries are disp layed on t his screen:  Region C onfig Region Nam e: Create a name for MST region id entification us ing up t o 32 character s. Revisio n: Enter t he revision fr om 0 to 65535 for M ST ...
TP-Link TL-SG3424P - page 110

Choose the menu S pann ing T ree → MSTP Inst ance → Inst ance Co nfig to load t he followi ng page . Figure 7-8 I nsta nce Config The follow ing entries a re display ed on t his screen:  Inst ance T able Inst ance I D Select: Click the Sele ct button to quick -se lect the corre sponding Ins tance I D based on the I D number you ent ered. Sel ...
TP-Link TL-SG3424P - page 111

 V L AN - Inst ance Mapping VLA N ID: Ent er the desired VL AN ID. After modificatio n here, the new VLAN ID will be added to t he correspondin g instance I D and the previous V LAN ID won ’ t be rep laced. Inst ance I D: Enter the corres ponding ins tance I D. No te: In a networ k with both GVRP and MS TP ena bled, GVRP pac kets are forw arde ...
TP-Link TL-SG3424P - page 112

The follow ing entries are disp layed on t his screen:  Port Config Inst ance I D: Sel ec t the des ired inst ance ID for it s port con figuration. Port Select : Cli ck the Select but ton to quic k - select the c orrespond ing port base d on the port nu mber you enter ed. Select: Select the d esired por t to specify it s prior ity and p ath cost ...
TP-Link TL-SG3424P - page 113

7.4 STP Security Configur ing protectio n function for devices can prev ent devices fr om any malic ious attac k against STP feat ures. The STP Security function can b e implement ed on Port Protect and TC P rotect page s. Port Protect function is t o prevent the dev ices from any malicious at tac k against STP featur es. 7.4.1 Port Protect On this ...
TP-Link TL-SG3424P - page 114

Normally these port s do not receive BPDU s, but if a user malicious ly att ack s the switch by sending BPDUs, netw ork topolo gy jitter occ urs. T o prevent t his attac k, MSTP prov ides BPD U protect function. W ith this fun ction enabled on t he switch, t he switch shut s down t he edge port s that receiv e BPDUs an d repor t s these cases to t ...
TP-Link TL-SG3424P - page 115

Po rt: Disp lays the port nu mber of the switc h. Loop Prot ect: Loop Prot ect is to pr event the lo ops in th e networ k brought by recalculat ing STP because of lin k failures an d network cong estions. Root Protect: Root Protect is to prevent w rong networ k topology chan ge caused by the role chang e of the current legal root bridge. T C Protec ...
TP-Link TL-SG3424P - page 116

 Network Di agram  Confi gurati on Proced ure  Configur e Switc h A: Step Ope ration Description 1 Configur e ports On V L AN →802.1Q VLA N page, conf igure the lin k type of the related ports as T runk, a nd add the por ts to VLAN101 - VLAN 106 . The deta iled instructi ons can be found in the sect ion 802.1 Q VLAN. 2 Enable STP f unct ...
TP-Link TL-SG3424P - page 117

Step Ope ration Description 3 Configur e the region name and the revisio n of MST r egion On Sp anni ng T ree →MSTP In stance→R egion Con fig page, co nfigure the r egion as TP - LI NK and keep the def ault revision s etting. 4 Configur e VLAN - to - Inst ance mapping t able of the MST region On Sp anning T ree →MST P Instance→ Instance Con ...
TP-Link TL-SG3424P - page 118

 Configur e Switch D: Step Ope ration Description 1 Configur e ports On VL AN →80 2.1Q V LAN page, configure t he link type of the r elated ports a s T runk, and add t he ports to VLAN101 - VL AN106 . The d etaile d instruction s can be found i n the sectio n 802.1Q VLA N . 2 Enable STP f unct ion On Sp anning T r ee →STP C onfig →STP Con ...
TP-Link TL-SG3424P - page 119

 Sugge st ion for C onfigur ation  Enable TC Protect function for all t he ports o f switches.  Enable Ro ot Protect funct ion for all the por ts of root bridges.  Enable Loo p Protect funct ion for the no n - edge port s. Enable BPDU Prote ct function or BPD U Filter function fo r t he edge port s wh ich are conn ected to the PC and se ...
TP-Link TL-SG3424P - page 120

Chapter 8 Multicast  Multicas t Overview In the netw ork, pac kets are sent in three modes: un icast, br oadcast and multicast. I n unicast, the so urce serv er sends se par ate copy infor mation to e ach receiv er . When a larg e number o f users require this informat ion, the serv er must sen d many pieces of in formation with the same content ...
TP-Link TL-SG3424P - page 121

 IPv4 Multica st A ddress 1. IPv4 Multicast IP Address: As specified by IANA (Internet Assigned Numbers Aut hority) , Class D IP ad dresses are use d as destinatio n addresses of multic ast packet s. The multicast IP addresses range fr om 224.0.0.0~ 239.255. 255.255. The foll owing t able displays the r ange and description o f several special m ...
TP-Link TL-SG3424P - page 122

 0X FF at t he start of the a ddress i dentifies the a ddress as being a mu lticast addr ess.  Flags have 4 b its: (1) The high - or der fla g is re s erv ed, and must be initia lized to 0. (2) R : Set t o 0 to indicate this IPv 6 multicast a ddres s does not c ontain an embedded RP address; set to 1 to indicat e this IPv6 mult icast addre ss ...
TP-Link TL-SG3424P - page 123

Reserv ed Multicast Addresses : Address Indication FF01::1 All i nter face - loca l IPv6 nodes FF02::1 A ll link - loca l IPv6 node s FF01::2 All i nter face - loca l IPv6 rou ters FF02::2 A ll link - loca l IPv6 routers FF05::2 All site - local IPv6 router s FF0X:: X ranges fro m 0 to F . These mult icast address es are reserved and sha ll never b ...
TP-Link TL-SG3424P - page 124

 Multicast Addres s T able The switch is forwardin g multicast p acket s based on the multicast ad dress t able. As the transmis sion of multicast p acket s cannot span t he VLAN, the first p art of th e multicast addre ss table is VLA N ID, based on which the received mu lticast p ackets ar e forwarded in the VL AN owning the r eceiving port. T ...
TP-Link TL-SG3424P - page 125

if the mult icast group s cont ain any m ember . W hen receiving I GMP le ave me ssage, the rec eiving port of the rout er will sen d IGMP group - speci fic - qu ery message t o the multi cast group and t he switch will forw ard IGMP group -speci fic- query message to check if other members in the multic ast group of the port need this mu lticast. ...
TP-Link TL-SG3424P - page 126

The IGMP Snooping fun ction can be implement ed on the following p ages : Snoopin g Conf ig , VLA N Config , Port Config , IP - Range , Multic a st V L AN , St atic M ulticast IP and P acket St atistics . 8.1.1 Snooping Confi g T o configure the I GMP Snooping on the switch, please firstly config ure IGMP global configur ation and related p aramete ...
TP-Link TL-SG3424P - page 127

Ch oose the menu Multicast → IGMP S nooping → V LA N Config to load the follow ing page. Figure 8-6 V LAN Con fig The follow ing entries are disp layed on t his screen:  VLA N Config VLA N ID: Ent er the VLAN I D to enab le IGMP Snoopin g for the des ired VLAN. Router Port Time: S pecify the aging time of t he router port. W ithin this t ime ...
TP-Link TL-SG3424P - page 128

Member Port Time: Disp lays the member port time of the VLAN. Leave T ime: Displays the leav e time of t he VLAN. Router Port: Displays the router port of the VLAN. No te: The settings h ere will be i nvalid when multicast VL AN is enable d Config uration proce dure: Step Ope ration Description 1 Enable IG MP Snoop ing fu ncti on Required. Enable I ...
TP-Link TL-SG3424P - page 129

The follow ing entries are disp layed on t his screen:  Port Config Port Select : Click t he Select butt on to quick - select th e corres ponding por t based on the port number you entered. Select: Select the desire d port for IGMP Snooping feature c onfigurati on. It is mult i - optional. Po rt: Disp lays the port of the switch . IG MP Snoopi n ...
TP-Link TL-SG3424P - page 130

Choose the menu Multicast → IGM P Snoopi ng → IP - Ran ge to load the follow ing pag e. Figure 8-8 Mu lti cast Filter The follow ing entries are disp layed on t his screen:  Create IP - Range IP Range ID: Enter the IP - ran ge ID. St art Multicast IP: E nter s tart mult icast IP of the IP - r ange you set . End M ulticast IP: Enter en d mult ...
TP-Link TL-SG3424P - page 131

Before con figuring a multicast VLA N, you shou ld firstly conf igure a VLAN as multicast V LAN an d add the correspo nding port s to the VLAN on the 802.1Q VLAN p age . If the m ulticast V LAN is enabled, the multicast con figuration f or other VLANs on the VLA N Config page w ill be invalid, that is, the multic ast streams will be transm itted on ...
TP-Link TL-SG3424P - page 132

4. Configur e the link ty pe of the router por t in the multica st VLAN as T RUNK or con figure the egress rule as T AG and the link type as GENERA L otherwise a ll the member port s in the mul tica st V LAN cannot re ceive multicast streams. 5. Aft er a multicast VL AN is creat ed, all the IGM P p ackets wi ll be processe d only wit hin the mul ti ...
TP-Link TL-SG3424P - page 133

 Network Dia gram  Confi gurati on Proced ure Step Ope ration Description 1 Create VL ANs Create three VL ANs with t he VLAN ID 3, 4 and 5 respectively , and spec ify the descript ion of VLA N 3 as Mult icast VLAN o n V L AN →802.1Q VLA N page. 2 Conf igure port s On V LAN →802.1Q VLA N function p ages. For port 3, conf igure its li nk ty ...
TP-Link TL-SG3424P - page 134

Choose the menu Multicast → IGM P Snoopi ng →S t atic Multicast IP to loa d the followi ng page. Figure 8- 10 S tat ic Multicast I P T able The follow ing entries are disp layed on t his screen:  Create S tati c Multicast Multicas t IP: Enter st atic multi cast IP address. VLA N ID: Ent er the VLA N ID of the multi cast IP . Forwar d Port: E ...
TP-Link TL-SG3424P - page 135

Choose the menu Mu lticast → IGMP Snoo ping → Packet St atistics to load t he following p age. Figure 8- 11 Pac ket S tat istics The follow ing entries are disp layed on t his screen:  Auto Refresh Auto Refresh: Select Enable/ Disable aut o refresh feat ure. Refresh Period: Enter the ti me from 3 to 300 in s econds to sp ecify the auto r efr ...
TP-Link TL-SG3424P - page 136

Error Packet: Displays the nu mber of error packet s the port r eceived. 8.2 MLD Sn ooping  MLD Snoop ing Multicast L istener Discove ry （ MLD ） snooping is applied for eff icient distr ibution o f IPv6 multica st data t o clients and rout ers in a Layer 2 net work. W ith MLD snoop ing, IPv 6 multicast data i s selectiv ely forwarded t o a l ...
TP-Link TL-SG3424P - page 137

 MLD Snoop ing P rocess 1. Genera l Query The MLD router regular ly sends MLD general queries to query if the mu lticast gr oups cont ain a ny member s . W hen rec eivi ng MLD general quer ies , the switch wil l forward them to all other port s in the VLAN. T he receiving port will be proce ssed: if the rece iving port is not a r outer port y et ...
TP-Link TL-SG3424P - page 138

Chose the menu Mu lticast → MLD S noopi ng → Global Config to load t he following p age. The follow ing entries are disp layed on t his screen:  Global Co nfig MLD Snoop ing : Ena ble or disabl e MLD Snoop ing function glo bally . Rep ort Mes sage Suppressi on : Enable or disa ble Report M essage Suppre ssion fun ction globally . If this fun ...
TP-Link TL-SG3424P - page 139

Multicas t VLAN : Enable or disab le multicast VLAN function. W hen multicast VLAN is enabl ed, all multicast data w ill fo rward in t his VLAN if this port be longs to the VLAN. Multicas t VLAN ID: Enter the mul ticast V LAN ID. No te: 1. When Unknow n Multicast Fil ter is conf igured , the Unk nown Mul ticast fun ction i n IGMP Snooping is also c ...
TP-Link TL-SG3424P - page 140

The follow ing entries are disp layed on t his screen:  V L AN Config V L AN ID : Enter the VLA N ID you wa nt to configure. Router Port A ging Tim e : Enter the rout er port aging t ime for this VLAN. It w ill override the global con figured aging t im e. Member Port Aging Tim e : Enter the memb er port aging time for t his VLAN. It will overri ...
TP-Link TL-SG3424P - page 141

Dynamic Router P o r ts ： Displays the dynamic rout er port s of this VLAN. No te: 1. T he MLD snoopi ng func tion in a VLA N will take effect when gl obal MLD Snoo ping func tion is enable d in 8. 2.1 Gl oba l Config and th e VLAN i s creat ed in Chapter 6 VLAN . 2. W hen the router po rt aging time or m ember por t aging time is set for a VLAN ...
TP-Link TL-SG3424P - page 142

8.2.4 Port Confi g On this pa ge you can c onfigure M LD Snooping function with e ach single por t. Choose the menu Multicast → M LD Snoop ing → Port Config to load the follow ing p age. The follow ing entries are disp layed on t his screen:  Port Config Select : Se lect the port y ou want to con figure. Port : Displays the port number . Fil ...
TP-Link TL-SG3424P - page 143

Choose the menu Multicast → M LD Snoop ing → St atic Multicast t o load the foll owing pa ge. The follow ing entries are disp layed on t his screen:  St atic Multicast Confi g V L AN ID : Enter the VLA N ID. Multicas t IP : Enter the multicast IP address. Member Ports : Enter the member port s of the static mult icast group.  St atic Mult ...
TP-Link TL-SG3424P - page 144

The fol low ing entri es are di splayed o n this screen:  Querier Config V L AN ID : Enter the VLA N ID which you want to s tart Q uerier . Max imum Resp onse Tim e : Enter the v alue of Maxim um Response T ime field of the Query message. Query Interval : Enter the Quer y messag e in terval t ime. The Q uerier will send Ge neral Query Message wi ...
TP-Link TL-SG3424P - page 145

Choose the menu Multicast → M LD Snoop ing → Packet S tat istics to l oad the follow ing page. The follow ing entries are disp layed on t his screen:  Aut o Fresh Aut o Fresh: Selec t Ena b le/Dis able auto fresh feature. Fresh Per iod : Enter the ti me from 3 to 300 second s to specify the auto fresh per iod.  MLD Packet St atistics Rece ...
TP-Link TL-SG3424P - page 146

Error Packet: Displays the number o f error pac kets which t he switch has receiv ed. 8.3 Multicast T able In a networ k, receivers can join dif f er ent multicast g roups a ppropriate t o their needs. Th e switch forwards m ulticast str eams based on IPv4/IPv6 multicast address t able. The Multi cast T able function is imple mented on th e IPv4 M ...
TP-Link TL-SG3424P - page 147

8.3.2 IPv6 Multicast Ta b l e Th is page d isp lays the mu lticast group s which alre ady on the switch. Choose the menu Multicast→ M ulticast T able → IPv6 Multicast T able to load the follow ing page. The follow ing entries are disp layed on t his screen:  Search Opti on Multicas t IP : Enter the multic ast IP address the desired e ntry mu ...
TP-Link TL-SG3424P - page 148

Chapter 9 QoS QoS (Qua lity of Service) functions to prov ide dif ferent qua lity of service for various netwo rk appli catio ns and requ irement s and opti mize the ban dwidth re source dist ribution so as t o prov ide a networ k service experi ence of a better qu ality .  QoS This switch cla ssifies the ingres s pac kets, ma ps the pac kets to ...
TP-Link TL-SG3424P - page 149

2. 802.1P Priority Figure 9-2 8 02.1Q f rame As shown in the f igure abov e, each 802.1Q T ag has a Pri field, co mprising 3 bit s. The 3 - b it pr iorit y field is 802.1 p priority in the range o f 0 to 7. 802.1P priority deter mines the prior ity of the pac kets based on the Pri v alue. On the We b management page of the sw itch, you can conf igu ...
TP-Link TL-SG3424P - page 150

Figure 9-4 SP - Mode 2. W RR - Mode: Weight Round Robin Mode. In this mode, p ackets in all the que ues are sent in orde r based o n the we ight value for each queue and every queue can be as sured of a cert ai n service ti me. The we ight value indic ates the oc cupied proport ion of the res ource. W RR queue overcomes t he disadv ant age of SP qu ...
TP-Link TL-SG3424P - page 151

The QoS module is mainl y for traf fic contro l and priority configurat ion, includi ng three sub menus: DiffServ , Ban dwidth Contr ol and V oice VLAN . 9.1 DiffServ This switch cla ssifies the ingres s pac kets, ma ps the pac kets to dif ferent priority queues and t hen forwards the packet s acco rding to spec ified scheduling algorithms t o impl ...
TP-Link TL-SG3424P - page 152

Config uration Proc edure: Step Ope ration Description 1 Select the port priority Required. On QoS → DiffSe rv → Port Pri ority page , configure t he port prior ity . 2 Configur e the mapping relation b etween the CoS priority and TC Required. On QoS → DiffServ → 802.1P/CoS m apping page, configure the mapp ing relation betw een the CoS and ...
TP-Link TL-SG3424P - page 153

The follow ing entries are disp layed on t his screen:  DSCP Priority Con fig DSCP Priority: Select En able or Disabl e DSCP Priority .  Priority L evel DSCP: Indicates t he priorit y determine d by the DS region of IP dat agra m. It ranges fro m 0 to 63. Priority: Indicates t he 802.1P priority the pac kets with t ag ar e mapped t o. The pri ...
TP-Link TL-SG3424P - page 154

The follow ing entries are disp layed on t his screen:  Priority and CoS - m appi ng Confi g Ta g - id/Cos - id : Indicates the prece dence level defined by I EEE802.1P and the CoS I D. Que ue TC - id : Indicates t he priority level of egres s queue the p ackets with t ag and CoS - id are mappe d to. The pr iority levels of egr ess queue are lab ...
TP-Link TL-SG3424P - page 155

SP+W RR - Mode: St r i c t - Prior ity + We ight Round Rob in Mode. In t his mode, this sw itch provides tw o schedul ing group s, SP group an d WRR gro up. Queues in SP group an d WRR group ar e scheduled str ictly based on strict- priority mode while the queues inside W RR group fol low the WRR mode. In SP+ WRR mode, TC3 is in the SP g roup; TC0, ...
TP-Link TL-SG3424P - page 156

The follow ing entries are disp layed on t his screen:  Rate Limit Config Port Select : Click t he Se lect but ton to quick - select th e corres ponding por t based on the port number you entered. Select: Select the desire d port for Rat e configurat ion. It is mult i - optional. Po rt: Disp lays the port nu mber of the swi tch . Ingress R ate ( ...
TP-Link TL-SG3424P - page 157

Choose the menu QoS → Bandw i d th Contro l → Stor m Contr ol to l oad the follow ing pa ge. Figure 9- 11 S torm Control The follow ing entries are disp layed on t his screen:  St orm Contr ol Co nfig Port Select : Click t he Select butt on to quick - select th e corre sponding p ort based on the port number you entered. Select: Select the d ...
TP-Link TL-SG3424P - page 158

9.3 V oice VL A N Vo ice VLANs are con figured spe cially for v oice data stream. By con figuring V oice VLANs and adding the p orts wit h voice dev ices atta ched to voice VL ANs, you can per form Qo S - related configurat ion for voice dat a, ensuring the trans mission prior ity of voice dat a stream and v oice quality .  OUI Address (O rganiz ...
TP-Link TL-SG3424P - page 159

Port V oice VLA N Mode V oice Stream T ype Link ty pe of the port and pr ocessin g mode Automat ic Mode T AG vo ice str eam ACCE SS: Not supported. TRUNK: Supported. T he defau lt VLAN of the por t cann ot be voi ce V LAN. GENERA L: Supporte d. The defa ult VLAN o f the port cannot be voice V LAN and th e egress ru le of the a ccess por t in the vo ...
TP-Link TL-SG3424P - page 160

No te: Do not trans mit voice stream toget her with ot her business pac kets in the v oice VLAN except for some speci al require ments. The V oice VLA N function can be implement ed on Gl obal Confi g, Port C onfi g and OUI Config page s. 9.3.1 Global Confi g On this pa ge, you can co nfigure the g lobal p aramete rs of the voice VLAN, includi ng V ...
TP-Link TL-SG3424P - page 161

Choose the menu QoS → V o ice V LAN → Por t Conf ig to load the following pa ge. Figure 9- 13 Por t Config No te: T o enable v oice VLAN fun ction for the L AG mem ber port, please ensure it s member st ate a ccords with its por t mode. If a port is a member port of voice VLA N, changing its port mode t o be “Auto” w ill make the port leave ...
TP-Link TL-SG3424P - page 162

Se curit y Mod e: Configur e the security mode for forwar ding pac kets.  Disable: All packet s are fo rwarded.  Enabl e: Only v oice data are forw arded. Member St ate: Disp lays the st ate of the port in the c urrent voice VLAN. L AG : Display s the LAG number which the p ort belongs to. 9.3.3 OUI Confi g The switch sup ports O UI creatio n ...
TP-Link TL-SG3424P - page 163

Descrip tion: Display s the descripti on of the O UI. Config uration Pr ocedu re of V oice VLAN : Step Ope ration Description 1 Configur e the link type of the por t Required. On VLA N→802.1 Q VLA N→Port Confi g page , configure t he link type of por ts of the v oice device. 2 Create VLAN Req uired. On VLA N→802.1Q VLA N→Port Confi g page , ...
TP-Link TL-SG3424P - page 164

Chapter 10 PoE No te: Onl y TL - SG3424P su pport s PoE f unct ion. PoE (Power ov er Ethernet ) technology describes a sy stem to transmit electr ical power al ong with data t o remote devic es over standard tw isted - p air cable in a n Ethernet net work. It is especially useful for su pplying pow er to IP telephones, w ireless LAN acce ss point s ...
TP-Link TL-SG3424P - page 165

PoE Con fig, mainly f or PoE attri butes con figuratio n , i s impl emen ted on PoE Config and PoE Tim e - R ange ages. 10.1.1 PoE Config On this pa ge, you can co nfigure the p arameters to imple ment PoE funct ion. Choose the menu PoE → Po E Config → PoE C onfig to load the foll owing pa ge . Figure 10 - 1 PoE Conf ig The following item s are ...
TP-Link TL-SG3424P - page 166

Port : Displays the port number . PoE S ta tus : Select to disab le/enable the Po E feature for the corr espondin g port. If set enable, the correspo nding port ca n supply pow er to the linked PD ( Powered Devi ce). PoE Priority : The priority levels includ e High, Middle an d Low in descend ing order . W hen the su pply pow er exceeds the sy stem ...
TP-Link TL-SG3424P - page 167

The following item s are d isplayed on t his screen:  Create PoE Pr ofile Profile Name: Enter the nam e of the profile . PoE S ta tus : Select to the enabl e/disable P oE feature for t he co rrespond ing port. If set enable, the port may supply power t o the linked PD (Power Dev ice). PoE Priority : The priority levels includ e High, Middle and ...
TP-Link TL-SG3424P - page 168

The following item s are di splayed on this scr een:  Tim e - Range T able Select: Select the desir ed entry to delete the corresp onding time - range. Index : Displays t he index of the ti me - range. Tim e - R ange N ame: D isp lays the na me of the time - ran ge. Slice: Displays the t ime - slice of t he time - range. Mode : Display s the mod ...
TP-Link TL-SG3424P - page 169

W eek: Sele ct W eek to co nfigure wee k time - range. T he port bas ed on this time - range will sup ply pow er based on this time - range when the system time is within the week tim e - range .  Create T ime - Slice St art Time: Set t he start time of the time - slice. En d Ti me : Set the end time of th e time - slice.  Tim e - Slic e T ab ...
TP-Link TL-SG3424P - page 170

Holiday Name: Disp lays the name o f the holiday . St art Date: Display s the star t date of the ho liday . End Date: Disp lays the end date o f the holiday . Return to CONTEN TS 160 ...
TP-Link TL-SG3424P - page 171

Chapter 11 ACL ACL (Access C ontrol List) is used t o filter packet s by configuring match rules and proc ess policie s of pac kets in order to control the access of the il legal users to t he networ k. Besides, ACL functions to control tr affic flows and sav e network resource s. It prov ides a flexible and secured acce ss control pol icy and faci ...
TP-Link TL-SG3424P - page 172

11.1.2 Ti me - Range Cr eate On this pa ge you can cre ate time - ranges . Choose the menu AC L → Time - Ran ge → Tim e - Range Create t o load the follo wing page. Figure 11 -2 Ti m e - Range Create No te: T o success fully configure t ime - ran ges, please f irstly specify time - slices an d then time - ran ges. The following entri es ar e di ...
TP-Link TL-SG3424P - page 173

En d Ti me : Displays the end t ime of the t ime - slic e. Delete: Cl ick the Delete button to del ete the corres ponding ti me - sli ce. 11.1.3 Holida y Confi g Holiday m ode is app lied as a dif ferent se cured acc ess contro l policy fro m the w eek mode. On this page y ou can define ho lidays ac cording to your work arrange ment. Choose the men ...
TP-Link TL-SG3424P - page 174

11.2.1 ACL Summar y On this pa ge, you can v iew the cur rent ACLs config ured in the s wit ch . Choose the menu AC L → A CL Config → A C L Summary to load the followi ng page. Figure 11 -4 ACL Summar y The follow ing entries are disp layed on t his screen:  Search Opti on Select A CL: Select the ACL you have c reated A C L Ty p e : Displays ...
TP-Link TL-SG3424P - page 175

11.2.3 M AC ACL MAC ACLs a nalyz e and process pac kets bas ed on a serie s of match condit ions, w hich can be t he source MA C addresses , destinatio n MAC addres ses, VL AN ID, and Ether T ype carried in t he packe ts. Choose the me nu ACL → A CL Config →M AC AC L to load the foll owing pa ge. Fi gure 11 -6 Create M AC Rule The follow ing en ...
TP-Link TL-SG3424P - page 176

11.2.4 S tandard - IP A CL S tandard - IP ACL s analyz e and process data p acket s based on a ser ies of match conditio ns, whic h can be the sour ce IP ad dresses a nd destinatio n IP addresses car ried in the p ackets. Choose the menu AC L → A CL Config → St andard - IP ACL to load the follow ing pag e. Fi gure 11 -7 Create S tanda rd - IP R ...
TP-Link TL-SG3424P - page 177

Choose the menu AC L → A CL Config →Ex tend - IP AC L to load the following page. Fi gure 11 -8 Create Exten d - IP Rule The follow ing entries are disp layed on t his screen:  Create Exte nd - IP AC L A CL I D: Select the des ired Exten d - IP ACL for configur ation. Rule I D: Enter t he rule ID. Ope ration: S ele ct t he oper ation for t h ...
TP-Link TL-SG3424P - page 178

I P To S : Enter the I P - T oS cont ained in the r ule. IP P re : Enter the IP Precedence c ontained in the rule. Tim e - R ange: S elect the tim e - range for the rule to t ake ef fect. 11.3 Poli cy Confi g A Policy is use d to cont rol the dat a pac kets th ose match the cor respondi ng ACL rules by configuri ng ACLs and actions toget her for ef ...
TP-Link TL-SG3424P - page 179

Choose the menu AC L → Policy Config →Policy Create to load the f ollowing page. Figure 11 - 10 Create Policy The follow ing entries are disp layed on t his screen:  Create Poli cy Polic y Name: Enter the na me of the poli cy . 11.3.3 A ct ion Creat e On this pa ge you can a dd ACLs and create corr esponding act ions for the po licy . Choose ...
TP-Link TL-SG3424P - page 180

S- Condi tion: Sel ect S - Conditio n to limit t he transmissi on rate of t he dat a pac kets in the policy .  Rate: S pecify the forward ing rate o f the dat a p acket s those match the corresp onding ACL.  Out of Ba nd: S peci fy the disposa l way of the data packet s those are trans mitted beyond t he rate. Redirect : Select Redirect to ch ...
TP-Link TL-SG3424P - page 181

Index : Displays t he index of the bin ding policy . Policy Name: Display s the name of the binding policy . Interface: Displays t he port number or VLAN ID bound t o the policy . Dir ection: D isp lays the bindi ng direction. 11.4.2 Port Bindi ng On this pa ge you can b ind a policy to a por t. Choose the menu AC L → Policy Binding →Port Bindi ...
TP-Link TL-SG3424P - page 182

Choose the menu AC L → Policy Binding → V L AN Binding to load the follow ing pag e. Fi gure 11 - 14 Bind the policy to the VLAN The follow ing entries are disp layed on t his screen:  V L AN - Bind Co nfig Policy Name: Select the nam e of the policy y ou want to bind. VLA N ID: Ent er the ID of the VL AN you w ant to bind.  V L AN - Bind ...
TP-Link TL-SG3424P - page 183

3. The staf f of the m ar keting dep artment can acce ss to the Internet all day but cann ot visit th e forum durin g the working t ime. 4. The R & D dep artment and marketin g depar tment canno t com municate with eac h other .  Network Di agram  Confi gurati on Proced ure Step Ope ration De scription 1 Conf igure Ti me - range On AC L ? ...
TP-Link TL-SG3424P - page 184

Step Ope ration De scription 3 Configur e for require ment 2 and 4 On AC L →ACL Config →A CL Creat e p age, create ACL 100. On AC L →A CL Confi g→S t andar d - I P AC L page, select ACL 100, create Rul e 1, configur e operation a s Deny , configure S -I P as 10.10 .70.1 a nd mask as 255.25 5.255.0, con figure D - IP as 10.10 .50.1 and mask ...
TP-Link TL-SG3424P - page 185

Chapter 12 Network Security Networ k Security mo dule is to prov ide the mu ltiple protect ion measur es for the net work secur ity , in cludi ng f our subme nus: IP - MA C Bindi ng , A RP I nspecti on , DoS Def end and 802.1X . Ple ase configure t he function s appropriat e to your need. 12.1 IP- M A C Bi nding The IP - MA C Binding function allow ...
TP-Link TL-SG3424P - page 186

The following entries are displayed on t his screen:  Search Opti on Sou rce: Select a Source from th e pull - down list and c lick the Searc h button to v iew your desire d entry in the Bin ding T able. • All : All the boun d entries will be di splayed. • Manu al: Only the manually added e ntries will be displayed. • Scanni ng: Only the e ...
TP-Link TL-SG3424P - page 187

2. Among t he conflicting entr ies with the sa me Source priority , only the last added or edited o ne will t ake ef fect . 12.1.2 Manual Bi nding Y ou can manually bind the I P address, MAC address, VLAN I D and the Port number t ogether in the conditio n that you hav e got the relate d informat ion of the Host s in the LA N. Choose the menu Netwo ...
TP-Link TL-SG3424P - page 188

Protect T ype: Displays the Protect T ype of the entry . Collis ion: Displays the Collision st atus of the entry . • W arning: Indicates t hat the coll ision may be caused by the MSTP function. • Critical: Indicates t hat the entry has a collisio n with the other entries. 12.1.3 ARP Scanning ARP (Address Re solution Protocol) i s used to analy ...
TP-Link TL-SG3424P - page 189

Figure 12 - 4 AR P Scanni ng The following entries are displayed on t his screen:  Scanni ng Opti on St art IP A ddre ss: S pecify the S tart I P A ddre ss. End IP A ddress: S pecify the End IP Address. VLA N ID: Enter the VLAN ID. If blank, the swit ch will s end the unt agged pac kets for scan ning. Sc an: Click the Scan button to scan the H o ...
TP-Link TL-SG3424P - page 190

networ k configuration prot ocol optimized an d developed bas ed on the BOOTP , functions to solv e the above ment ioned prob lems.  DHCP W ork ing Principle DHCP works via t he “Client /Server” co mmunicatio n mode. The Client appli es to the Serv er for configurat ion. The Serv er assigns t he configur ation infor mation, such as t he IP a ...
TP-Link TL-SG3424P - page 191

The most Cl ients obt ain th e IP addr esses dyna mically , which is illustrated in t he following figure. Figure 12 - 6 Interact ion betw een a DHCP cl ient and a D HCP ser ver （ 1 ） DHCP - DISC OVER Stage: The Client broad casts t he DHC P - DISC OVER packet t o fi nd t he DHCP Server . （ 2 ） DHCP - OFFE R Stage: Upon r eceiving the DHC P ...
TP-Link TL-SG3424P - page 192

supported O ption 82 also can set the distributi on policy of IP addresses and the other paramet ers accordin g to the Option 8 2, providing mor e flexible addr ess distr ibution way . Option 82 ca n cont ain 255 su b - options at most. If Opt ion 82 is de fined, at least a sub - op tion should be de fined. Th is swi tch supports tw o sub - optio n ...
TP-Link TL-SG3424P - page 193

DHCP Snooping feat ure prev ents the netw ork from the DHCP Server Che ating Att ack by discarding t he DHCP pac kets on the distrusted p ort, so as to enh ance the netw ork security . Choose the menu Netwo rk Security → IP - MAC Bin ding → DH CP S noopin g to load the follow ing page . Figure 12 - 8 DHCP Snooping No te: If you want to enable t ...
TP-Link TL-SG3424P - page 194

The following entries are displayed on t his screen:  DHCP Snoo ping Config DHCP Snoo ping: Enable/D isable the D HCP Snooping functi on globall y . Global Flow Control : Select the v alue to spe cify the maxi mum amount of D HCP messages t hat c an be forw arded by the sw itch per second. Th e excessive massages will be discarded. Decline T hre ...
TP-Link TL-SG3424P - page 195

Decline Pr otect: Select Enab le/Disab le the Decline Prot ect featur e. L AG : Displays the LAG to which the port belo ngs to. 12.2 ARP Inspec tion According t o the ARP I mplement ation Proc edure st ated i n 12.1.3 ARP Sca nning , it can be foun d that ARP protocol ca n facilitate the Hosts in the same net work segme nt to communi cate with one ...
TP-Link TL-SG3424P - page 196

Figure 12 - 10 AR P A tta ck – Cheating G ateway As the abov e figure sh own, the at tac ker sends the fake ARP pac kets o f Host A to the Gateway , and then the Gat eway will autom atically update its ARP tab le after receiving t he ARP p acket s. When the Gatew ay tries to commun icate with Host A in LA N, it will encapsu late this fals e desti ...
TP-Link TL-SG3424P - page 197

Figure 12 - 11 AR P At tack – Cheat ing T erminal Hosts As the abov e figure show n, the att acker se nds the fa ke ARP pac kets o f Host A to Host B, and then Host B will auto matically update its ARP tab le after receiving the A RP pa ckets. W hen Host B tries to commun icate with Hos t A, it will encaps ulate this false de stination M AC addre ...
TP-Link TL-SG3424P - page 198

Figure 12 - 12 Man - In - The - Middl e At tack Suppose t here are three Hosts in L AN connected with one another through a switch. Host A: IP address is 192. 168.0.10 1; MAC addr ess is 00 - 00 - 00 - 11 - 11 - 11 . Host B: IP address i s 192.168.0.10 2; MAC addr ess is 00 - 00 - 00 - 22 - 22 - 22. Attac ker: IP address is 19 2.168.0.10 3; MAC add ...
TP-Link TL-SG3424P - page 199

The IP - MA C Binding function a llows the sw itch to bind the IP addre ss, MAC a ddress, VL AN ID and the conn ected Port number of t he Host toget her when t he Host conne cts to the switch. Bas ed on the prede fined IP - M AC Binding entries, the ARP Inspect ion functi ons to det ect the ARP p acket s and filter t he illegal ARP pac ket so as to ...
TP-Link TL-SG3424P - page 200

Configuration Proce dure: Step Ope ration Description 1 Bind the IP addr ess, MAC address, VLAN ID and t he connected Port nu mber of the Host toget her . Required. On the IP - MAC B inding page, bind the IP address, MAC address, VLA N ID and the connected Port number of the Host together via Manual Bind ing, ARP Scanning or D HCP Snooping. 2 Enabl ...
TP-Link TL-SG3424P - page 201

The following entries are displayed on t his screen:  A RP Defend Port Select : Cli ck the Select butt on to quick - select the c orrespon ding port based on the port number you entered. Select: Sel ect y our desired port for configuration. I t is multi - optional. Po rt: Displays the port number . De fend: Select Enab le/Disab le the ARP Def en ...
TP-Link TL-SG3424P - page 202

Choose the menu Network Security → A RP Ins pection →A RP St atistics to load the follow ing page . Figure 12 - 15 ARP S tatist ics The following entries are displayed on t his screen:  Auto Refresh Auto Refresh: Enable/D isable the Auto Refresh featur e. Ref resh Interval: S peci fy the refresh int erval to disp lay the ARP S tatist ics. ? ...
TP-Link TL-SG3424P - page 203

DoS A tt ack T y pe De scription Land Att ack T he attacker se nds a specifi c fake SY N packet to the destin ation Host. Since both the source I P add ress and th e destinati on IP address of the SYN packet are set t o be the IP address of the Host, the Host will be trapped in an endless cir cle for buildin g the initial conn ection. The per forma ...
TP-Link TL-SG3424P - page 204

Choose the menu Networ k Security → D oS Defe nd → DoS D efen d to load the following p age. Figure 12 - 16 DoS Def end The following entries are displayed on t his screen:  Con fig ure DoS Defend: Enable/D isable DoS D efend functi on.  Defend T able Select: Select the ent ry to enable t he correspond ing Defend T ype. Defend T ype : Dis ...
TP-Link TL-SG3424P - page 205

 Archi tecture of 802.1 X Authent ication 802.1X adopt s a client/serv er architecture w ith three entities: a supplicant sy stem, an authent icator syste m, and an authent ication serv er system, as show n in the f ollowing figur e. Figure 12 - 17 Architecture of 802.1X aut henticati on （ 1 ） S upplicant System: The supplic ant system is an ...
TP-Link TL-SG3424P - page 206

 802.1 X A uthenticat ion Proce dure An 802.1X authenticat ion can b e initiated by supplic ant system or authentic ator syst em. When th e authent icator system det ects an un authenticate d supplicant in L AN, it will initiat e the 802.1X authent ication by sending EAP - Req uest/Identit y pac kets to t he supplicant. The supplicant system can ...
TP-Link TL-SG3424P - page 207

4. Upon rec eiving the user n ame from the switch, th e RADI US server retrieves t he user na me, finds the corres ponding p assword by matching t he user name in its dat abas e, encrypt s the passw ord using a rando mly - generate d key , and sends the key t o the switch through an RADI US Acc ess - Cha llenge pac ket. The sw itch then sends the k ...
TP-Link TL-SG3424P - page 208

further aut hentication. Whereas the r andomly - generated key i n EAP - M D5 relay mode is generat ed by the aut henticat ion serv er , and the switc h is respons ible to en capsu late the aut henticat ion pac ket and forward it t o the RADIUS s erver .  802.1X T imer In 802.1 x authentic ation, t he following t imers ar e used to ensure that t ...
TP-Link TL-SG3424P - page 209

Choose the menu Networ k Security → 802.1X → Global Con fig to load the following p age. Figure 12 - 20 Glob al C onfig The following entries are displayed on t his screen:  Global Co nfig 802.1X : Enable/D isable the 802. 1X function. Aut henticati on Meth od: Select the Authenticatio n Method fro m the pull - dow n list. • E AP - MD5: IE ...
TP-Link TL-SG3424P - page 210

Quiet Pe riod: S pecify a value for Qui et Period. Once t he supplicant fai led to the 802.1X Authe ntication, then the switc h will not respond t o the authe ntication r equest fr om the sa me supplicant dur ing the Qu iet Period. Retry T imes: S pecify the max imum trans fer times o f the repeated authent ication request . Suppli cant T imeo ut: ...
TP-Link TL-SG3424P - page 211

Po rt: Displays the port number . S ta t u s : Select Enabl e/Disable th e 802.1X authent ication featur e for the port. Guest VLA N: Sel ect E nabl e/Di sab le the Guest VL AN feature for t he port. Control Mode: S pecify the Contro l Mode for the port . • A uto: In this mode, the port will nor mally work only af ter pass ing the 802.1X Authenti ...
TP-Link TL-SG3424P - page 212

The following entries are displayed on t his screen:  Aut henticati on Config Primary IP: Enter the IP addre ss of the authent ication serv e r. Secondary IP: Enter the IP addre ss of the alternate a uthenticat ion serv er . Aut henticati on Port: Set the UDP port of auth entication serv er(s). The def ault port is 1812 Key Modify ： Select to ...
TP-Link TL-SG3424P - page 213

Step Ope ration Description 5 C onf igure the 802.1X for the port. Required. On the Netwo rk Sec uri ty → 802.1 X → Po rt Confi g page, configure the 802. 1X feature for t he port of the switch ba sed on the a ctual netw ork. Return to CONTEN TS 203 ...
TP-Link TL-SG3424P - page 214

Chapter 13 SNMP  SNM P Overvie w SNMP (Simple Network M anagement Prot ocol) has gai ned the most ex tensiv e application on th e UDP/IP networ ks. SNMP provides a manage ment frame to monitor a nd mainta in the netw ork devices. It is used for aut omatically managing the v arious networ k devices no matter the physica l dif ferences of the d ev ...
TP-Link TL-SG3424P - page 215

SN MP v1: SNM P v1 adopt s Commun ity Name aut henticatio n. The co mmunity name is used to define the r elation betw een SNMP Mana gement S tation and SN MP A gent. The SNMP pac kets failing to p ass commun ity name authent ication ar e discarded. Th e community name can limit access to SN MP Agent from SNM P NMS, functionin g as a pas sword. SNMP ...
TP-Link TL-SG3424P - page 216

3. Create SNM P User The User con figured in a n SNMP Gro up can m anage the switc h via the client progra m on manage ment st ation. The specif ied User Name and the Auth/ Privacy Password are used for SNMP Manage ment S tation t o access the S NMP Agent, functionin g as the p assword. SNMP module is used to c onfigure the S NMP funct ion of the s ...
TP-Link TL-SG3424P - page 217

No te: The amount o f Engine ID characters m ust be even. 13.1.2 S NM P Vi ew The OID (O bject Ide ntifier) of the SNMP p ackets is used to des cribe the m anaged object s of the switch, and t he MIB (Manageme nt Information Ba se) is the set of t he OIDs. The SNMP View is created for t he SNMP ma nagement st ation to mana ge MIB objects. Choose th ...
TP-Link TL-SG3424P - page 218

13.1.3 SNMP Group On this p age, y ou can configur e SNMP Grou p to control the net work acce ss by prov iding the user s in various gr oups w ith diff erent manage ment right s via the Read V iew , Write V iew and Not ify V iew . Choose the menu SNMP → SNM P C on fi g →SN M P G ro up to load t he followin g page. Figure 13 - 5 SNMP Group The f ...
TP-Link TL-SG3424P - page 219

Re ad View: Select the V iew t o be the Read V iew . The manage ment a ccess is restricted t o read - only , and cha nges cannot be made to the assigned S NMP V iew . Write Vie w: Select the View t o be the Write Vi ew . The mana gement acc ess is writing only and changes can be made to t he assigned SNM P View . The V iew def ined both as t he Rea ...
TP-Link TL-SG3424P - page 220

Choose the menu SNMP → SNM P C on fi g →SNMP User to l oad the foll owing pag e. Figure 13 - 6 SN MP U se r The following entries are displayed on t his screen:  User Config User Name: Enter the User Name here . User T y pe: Select the t ype for the U s e r. • Local User: Indicates tha t the user is co nnected to a local SNMP engine. • R ...
TP-Link TL-SG3424P - page 221

Privacy Password : Enter the Pr ivacy Passwo rd.  User T able Select: Select the d esired entry to delete t he correspo nding User . It is mul ti - op tion al. User Name: Displays the name of the User . User T y pe: Displays the User T ype. Gro up N ame: Displays the Group Na me of the User . Se curit y Mod el: Displays the Security Model of the ...
TP-Link TL-SG3424P - page 222

Access: Def ines the a ccess rights of the commun ity. • read - onl y: Management right of the Com munity is restricted t o read - on ly, and change s cannot be made to the correspond ing View. • read - write: Manage ment right of t he Community is read - write a nd chan ges can be made to the c orrespond ing View. M IB Vi ew : Select the MI B ...
TP-Link TL-SG3424P - page 223

 If SNMPv1 or SNMPv2c is employed, p lease ta ke the follow ing steps: Step Ope ration Description 1 Enabl e SNMP f unction glo bally . Required. On the SNMP → SNM P Co nf ig →Global Confi g page, enable SNMP funct ion global ly . 2 Create SNM P Vi ew . Required. On the SNMP → SNM P C on fi g →S NMP View page, create SNM P V iew of the m ...
TP-Link TL-SG3424P - page 224

Cho ose the menu SNMP → N otific ation → Notification to lo ad the followi ng page. Figure 13 - 8 Notificat ion Config The following entries are displayed on t his screen:  Create Not ification IP M ode : Select the IP Mode . IP Address : Enter the IP Address o f the manageme nt Host. UDP Port: Enter the nu mber of the UDP port used to send ...
TP-Link TL-SG3424P - page 225

 Notific ation T a ble Select: Select the des ired ent ry to delete the correspon ding manage ment st ation. IP Address : Displays the IP Address of the manage ment host. IP M o de: Displays the IP Mode of the manag ement host. UDP Port: Displays the UDP por t used to send n otificatio ns. User: Displays the User name o f the manage ment stat io ...
TP-Link TL-SG3424P - page 226

RM ON Gro up Func tion Alarm Group Alarm Gr oup is confi gured t o monitor the sp ecific ala rm variabl es. When the value of a monitor ed variab le exceeds the thresh old, an alarm ev ent is generated, which triggers the switch t o act in the set w ay . The RMO N Groups can b e configured on the Hi story C ontrol , Event Config and Alarm Config pa ...
TP-Link TL-SG3424P - page 227

Choose the menu SNMP → RM ON → Event Config to load the fo llowing page. Figure 13 - 10 Event C onfig The following entries are displayed on t his screen:  Event T able Select: Select the des ired entry for configurat ion. Index : Displays the index numbe r of the entry . User: Enter the name of the User or t he commu nity to which th e even ...
TP-Link TL-SG3424P - page 228

Choose the menu SNMP → RM ON → Alarm Config to load the following pag e. Figure 13 - 11 Alar m Conf ig The following entries are displayed on t his screen:  Alarm T able Select: Select the des ired entry for configurat ion. Index : Displays the index numbe r of the entry . V ar iable: Select the al arm variab les f ro m the pull -d own li st ...
TP-Link TL-SG3424P - page 229

• Falling: When the sam pled value is und er the Falli ng Thresho ld, an alarm ev ent is triggered. Interval: Enter the alar m interval ti me in secon ds. Ow ner: Enter the na me of the device or user that def ined the ent ry . S ta t u s : Select Enab le/Disab le the correspo nding alar m entry . No te: W hen alarm v ariables exceed the Thres ho ...
TP-Link TL-SG3424P - page 230

Chapter 14 Cluster With the dev elopment of n etwork techno logy , the netw ork scale is getti ng larger and m ore networ k devices are re quired, whic h may result in a mor e complicated n etwor k management s ystem. As a large number of dev ices need t o be assigned dif ferent network addresse s and every management device need s to be res pectiv ...
TP-Link TL-SG3424P - page 231

 The current switch you cr eate cluster is specified a s the commander switch.  The command er switch d iscovers and det ermines cand idate switc hes by collect ing related informati on.  After being added to t he cluster , the candidate sw itch becom es to be the mem ber switch,  After being remov ed from the clu ster , the me mber swi ...
TP-Link TL-SG3424P - page 232

Choose the menu Cluster → NDP → Neigh bor Inf o to load the fo llowing p age. Figure 14 - 2 Neighbor I nformat ion The follow ing entries are disp layed on t his screen:  Ne ighbor Search Opti on: Se lect the informat ion the desire d entry should co ntain and then click the Sea rch button to display the desired entry in the following Neighb ...
TP-Link TL-SG3424P - page 233

Choose the menu Cluster → NDP → NDP Summary to load the followin g page. Figure 14 - 3 ND P Sum m ary The follow ing entries are disp layed on t his screen:  Global Co nfig NDP: Displays the global NDP status (en abled or disabled) for the switch. Agi ng Ti me: Displays the period for the neighb or switch to keep the N DP packe ts fr om thi ...
TP-Link TL-SG3424P - page 234

Det ail ： Click the Det ail button to v iew t he complete in formation co llected for the port. 14.1.3 NDP Confi g On this pa ge you can c onfigure the NDP f unction for the switch. Choose the menu Cluster → NDP → NDP Config to l oad the follow ing page. Figure 14 - 4 NDP Con f ig The follow ing entries are disp layed on t his screen:  Glo ...
TP-Link TL-SG3424P - page 235

Dis ab le: Click the Disable button to disa ble NDP for the port you select. No te: 1. NDP function is effectiv e only w hen NDP function is enab led globa lly and for the port . 2. The aging t ime should be set over the hello time val ue; otherwise this settin g will be inv alid and w ill not take effect. 14.2 NTDP NTDP ( Neighbor T opology Discov ...
TP-Link TL-SG3424P - page 236

Ro le: Displays the r ole this devic e plays in the clust er .  Command er: Indicat es the device t hat can con figure and manage all t he devices in a clust er .  Me mber: Indicates the d ev ice that is managed in a cluster .  Candidate: Indicates the device that do es not belo ng to any cluster tho ugh it can be added t o a cluster .  ...
TP-Link TL-SG3424P - page 237

Choose the menu Cluster → NTDP → NTDP Summa ry to load the following page. Figure 14 - 7 NTDP S ummary The follow ing entries are disp layed on t his screen:  Global Co nfig NTDP: Displays the NTDP statu s (enable d or disabled) of the switch globally . NTDP Interval Time: Displays t he interval to co llect topo logy informat ion. NTDP Hop s ...
TP-Link TL-SG3424P - page 238

14.2.3 NTDP Confi g On this pa ge you can c onfigure NT DP global ly . Choose the menu Cluster → NTDP → NTDP Confi g to load the followin g page. Figure 14 - 8 NTDP Config The follow ing entries are disp layed on t his screen:  Global Co nfig NTDP: Select Enab le/Disable N TDP for the switch glob ally . NTDP Interval T ime: Enter the interva ...
TP-Link TL-SG3424P - page 239

Select: Select the desire d port for NT DP st atus con figuratio n. Po rt: Disp lays the port nu mber of the switc h. NTDP: Disp lays NTDP stat us (enabled or di sabled) of the c urrent port . Ena ble: C lic k the Enab le button to enable NTDP fea ture fo r the port y ou select. Dis able: Click the Disable button to disab le NTDP fe ature for t he ...
TP-Link TL-SG3424P - page 240

 For a memb er switch, the following p age is disp layed: Figure 14 - 10 Cluster Summary for Member Switch The follow ing entries a re display ed on t his screen:  Global Co nfig Cluster: Displays the clust er st atus (enabl ed or disabled) of the switch. Cluster R ole: Display s the role the switc h plays in the cluster . Clus te r Nam e: Di ...
TP-Link TL-SG3424P - page 241

Choose the menu Cluster → Cluster → Cluster Config to load the following pa ge.  For a candidat e switch, the following p age is disp layed. Figure 14 - 12 Cluster Co nfiguration for Candid ate Switch The follow ing entries are disp layed on t his screen:  Current Role Ro le: Displays the r ole the curre nt switch plays i n the cluster . ...
TP-Link TL-SG3424P - page 242

 For an indiv idual switch, t he followi ng page is dis play ed. Figure 14 - 14 Cluster Co nfiguration for Indivi dual Switch The follow ing entries a re display ed on t his screen:  Current Role Ro le: Displays the r ole the curre nt switch plays i n the cluster .  Ro le Cha nge Can dida te: Select this opt ion to chan ge th e role of t h ...
TP-Link TL-SG3424P - page 243

 Network Di agram Figure 14 - 15 Netw ork diagra m  Confi gurati on Proced ure  Configur e the member switch Step Ope ration Description 1 Enable NDP function on t he switch and for por t 1 On Cluster →NDP→NDP Co nfig page, enable NDP fu ncti on. 2 Enable NTDP funct ion on the switch and for por t 1 On C lust er →NTDP→NTDP C onfig ...
TP-Link TL-SG3424P - page 244

Step Ope ration Description 4 Conf igure the me mber switc h On Cluster → Cluster→Member C onfig page, select the member sw itch and cl ick the Manag e button to log on to its W eb managemen t page. Or On Cluster → Cluste r→Clu ster T opology page, double - cli ck the switch icon to view its det ail ed informati on; clic k the switch i con ...
TP-Link TL-SG3424P - page 245

Chapter 15 LLDP No te: Onl y TL - SG3424P su pport s LLDP function. LLDP (Link Layer Discovery Protocol) is a Layer 2 protocol that is us ed for networ k devices to advertise t heir own dev ice infor mation perio dically to nei ghbors on th e same IEEE 802 local area networ k. The advertised infor mation, includi ng det ails such as device identi f ...
TP-Link TL-SG3424P - page 246

or to allow t he port t o both trans mit and r eceive LL DPDUs. Four LL DP admin stat uses are supported by each port.  Tx&Rx: t he port can both t ransmit and rec eive LLDP DUs.  Rx_Only : the port can r eceive LL DPDUs only .  Tx_On ly: the port c an transmit LLDP DUs only .  Disable: the port cannot transmit or receive LLD PDUs. ...
TP-Link TL-SG3424P - page 247

The follow ing tabl e shows the det ails about the current ly defined TL Vs. T LV t y p e T LV N a m e Descr iption Usage in LLDPDU 0 End of LLDP DU Mark the end o f the TL V sequence in LL DPDUs. Any infor mation follow ing an End Of LL DPDU TL V shall be ignored. Mandatory 1 Ch assi s ID Identifies the Chassis address o f the connec ted device. M ...
TP-Link TL-SG3424P - page 248

No te: For deta iled introdu ction of TL V , please refer to I EEE 802.1 AB stand ard and ANSI/T IA - 105 7 . In TP - L INK switch , the f ollowing L LDP opt ional TL Vs are supported. T LV Ty pe Description Port Description TLV The Port Descr iption TLV allow s network man agement to advertise t he IEEE 802 L AN station's port descript ion. S ...
TP-Link TL-SG3424P - page 249

The LLDP modu le is main ly for LLDP fun ction con figuration o f the swit ch, includi ng three submenus: Basic Confi g , Device Info , Device St atistics and LLDP - MED . 15.1 Basic Conf ig LLDP is configured o n the Globa l Config and Port Config pa ges. 15.1.1 Global Confi g On this pa ge you can c onfigure the L LDP p ara meters of the dev ice ...
TP-Link TL-SG3424P - page 250

Fast St art Ti me s : W hen th e port's LL DP st ate t ransforms fro m Disable (or Rx_On ly) to Tx&Rx (or Tx_Only ), the fast st art mechan ism wi ll be enabled, that is, the t ransmit interv al will be shorten to a second, and several LL DPDUs will b e sent out (the nu mber of LL DPDUs equals this p aramet er). The default v alue is 3. 15 ...
TP-Link TL-SG3424P - page 251

15.2 De vice Info Y ou can view the LL DP infor mation o f the local dev ice and its neighbor s on the Loc al Info and Neighb or Info pages r espectively . 15.2.1 Local I nfo On this pa ge you can s ee all port s' config uration and sy stem informat ion. Choose the menu LLDP → Devi ce Info → Loca l Info to load the fo llowing pa ge. Figure ...
TP-Link TL-SG3424P - page 252

Refr es h Ra te: S pecify the auto refresh r ate.  Local Info Enter the des ired port number and click Select to display t he information of th e correspond ing port. 15.2.2 Neighbor I nfo On this pa ge you can g et the inform ation of the neig hbors. Choose the menu LLDP → Devi ce Info → Neighbo r Info to load the follow ing page. Figure 15 ...
TP-Link TL-SG3424P - page 253

Choose the menu LLDP → Devi ce St atisti cs → Stat i s tic Info to load the follow ing page. Figure 15 -5 LLDP S tatistic Inform ation The following entries are displayed on t his screen :  Auto Refresh Auto Refresh: Enable/Disab le the auto refres h function. Refresh Ra te: S peci fy the auto refre sh rate.  Global Statistics Last Up dat ...
TP-Link TL-SG3424P - page 254

 Neighbor S t atistics Port Select : Click the Select button to quick - select the corr esponding por t based on the port number you entered. Po rt: Disp lays local devic e's port number . T ransmit T otal: Di splays the nu mber of LLDPD Us sent by t his port. Receiv e T ot al: Dis plays the nu mber of LLDPD Us received by this port. Discar ...
TP-Link TL-SG3424P - page 255

TLV Ty pe Func tion Locati on Ident ificat ion TLV The Locati on Identific ation TLV prov ides for adv ertisement of location ide ntifier infor mation to Co mmunicatio n Endpoint Devices, bas ed on configur ation of the Networ k Connectivity Device it's connecte d to. Y ou can set the Locatio n Identificat ion content in Location Ident ificat ...
TP-Link TL-SG3424P - page 256

15.4.2 Port Confi g On this pa ge you can c onfigure al l ports' L LDP - MED p arameters. Choose the menu LLDP → LLDP - M ED → Port Config to load the f ollowing p age. Figure 15 -7 LLDP - MED P ort Conf iguration The following entries are displayed on t his screen :  LLDP - MED Port Config Port Select : Select t he desired port to conf ...
TP-Link TL-SG3424P - page 257

 Includ ed TL Vs Select TL Vs to be include d in outgoing LL DPDU.  Location Id entificati on Paramet ers Configur e the Location Id entificatio n TLV's content in outgoing L LDPDU of the por t. Emerge ncy Numb er : Emergency number is E mergency Call Service E LIN identifier , which is use d during eme rgency call set up to a tradit ion ...
TP-Link TL-SG3424P - page 258

Choose the menu LLDP → LLDP - M ED → Local Info to load the follow ing pa ge. Figure 15 -8 LLDP - MED L ocal Inf ormation Th e following entries are displayed on t his screen :  Auto Refresh Auto Refresh: Enable/Disab le the auto refres h function. Refresh Ra te: S pecify t he auto refresh ra te.  Local Info Enter the des ired port number ...
TP-Link TL-SG3424P - page 259

Choose the menu LLDP → LLDP - M ED → Nei ghbor Info t o load the follow ing page. Figure 15 -9 LLDP - MED Ne ighbor I nformation The following entries are displayed on t his screen :  Auto Refresh Auto Refresh: Enable/Disab le the auto refres h f unction. Refresh Ra te: S pecify t he auto refresh ra te.  Neighb or Info Port Select : Click ...
TP-Link TL-SG3424P - page 260

Chapter 16 Maintenance Maintenan ce module, assemblin g the common ly used syst em tools to ma nage the switc h, provides the c onvenient method to lo cate and solve t he networ k problem. （ 1 ） Syst em Monitor: Mon itor the ut ilization st atus of the me mory and the C PU of switch. （ 2 ） Log: V iew the c onfigurati on para meters of the s ...
TP-Link TL-SG3424P - page 261

Cli ck the Monitor but ton to enable t he switch to monitor and dis play it s CPU utiliz ation rate ever y four secon ds. 16.1.2 Memor y Moni tor Ch oose the menu Mainte nance → Sy stem M onitor → Memory Mo nitor to load the following pa ge. Figure 16 - 2 Memory Monitor Clic k the Monit or button to enable the switch t o monitor and dis play it ...
TP-Link TL-SG3424P - page 262

notificatio ns 5 Nor m al but sig nificant c onditions informati onal 6 Inf ormational m essages debugging 7 Debu g - level m essages T able 16 -1 L og Level The Log function is implemented o n the Log T able , Local Lo g , Remot e Log and B ackup Log page s. 16.2.1 Log T able The switch suppor ts logs out put to two directions, n amely , log buf f ...
TP-Link TL-SG3424P - page 263

No te: 1. The logs are c lassified into eight levels based on sev erity . The higher the informat ion severity is, the lower the c orrespo nding level is. 2. This p age display s logs in the log bu ffer , and at most 512 logs are display ed. 253 ...
TP-Link TL-SG3424P - page 264

16.2.2 Local Log Loca l Log is the log infor mation saved in switc h. By default, all system logs from level _0 to level_6 are saved in log buf fer . On this pa ge, you can set t he output cha nnel for logs. Choose the menu Maint enance → Log →Loca l Log to load the follow ing page . Figure 16 - 4 Local Log The following entries are displayed o ...
TP-Link TL-SG3424P - page 265

Choose the menu Maint enance → Log →Rem ote Log t o load the follow ing p age. Figure 16 - 5 Log Host The following entries are displayed on t his screen:  Log Host Index : Displays the index of the log host . The switch su pport s 4 log hosts. Hos t IP : Configur e the IP for the log host. UD P Po rt : Displays the UDP por t used for receiv ...
TP-Link TL-SG3424P - page 266

The following entry is displayed on this screen:  Ba ckup Log Ba ckup Log : Click the Backup Lo g button t o save the log as a fil e to your comp uter . No te: It will t ake a few minut es to backup the lo g file. Pleas e wait without any operation. 16.3 De vice Dia gnostics This switch prov ides Cab le T est function for device diagnos tics . 1 ...
TP-Link TL-SG3424P - page 267

No te: 1. The Length d isplayed h ere is the length o f pair cab le not that of the phy sical cable. 2. The test resu lt is just for y our referenc e. 16.4 Net w ork D iagnostics This switch prov ides Pin g test and T racert test functions for networ k diagnos tics . 16.4.1 Ping Ping test f unction, test ing the co nnectivit y between t he switch a ...
TP-Link TL-SG3424P - page 268

Inte rval : S pecify the interv al to send ICMP request packet s. The defa ult value is recommend ed. 16.4.2 T racert T racert test function is us ed to test the connect ivity of the gateways dur ing its jour ney from the source to dest ination of the t est data. When malfu nctions occur t o the netw ork, you can locat e trouble spot of the networ ...
TP-Link TL-SG3424P - page 269

Appendix A: S pecifications Standar ds IEEE802. 3 10Base - T Eth ernet IEEE 802. 3u 100Base - TX/100 Base - FX Fast Eth ernet IEEE802. 3ab 1000Ba se - T Gigabit Ethernet IEEE802. 3z 1000Base - X Gigabit Ethernet IEEE802. 3x Flow Contr ol IEEE802. 1p QoS IEEE802. 1q VLAN IEEE802. 1X Port - bas ed Access Aut henticat ion IEEE 802.3 a f/at (for TL - S ...
TP-Link TL-SG3424P - page 270

Operating Envir onment Operatin g Temperature: 0 ℃ ~ 40 ℃ Storage Te mperature: - 40 ℃ ~ 70 ℃ Operatin g Humidity : 10% ~ 90% RH Non - con dens ing Sto rage Humi dity: 5% ~ 9 0 % RH Non - condensing Return to CONTEN TS 260 ...
TP-Link TL-SG3424P - page 271

Appendix B: Configuring the PCs In this sectio n, we’ll introd uce how to inst all and conf igure the TCP/I P corr ectly in W in dows 2000 and TCP/IPv 6 in WIN7. First make sur e your Ethernet Adapter is working, r efer to the adapter’s man ual if ne cessary . 1. In IPv4 netw ork ： 1) On the W in dows tas kbar , click the Sta r t button, and ...
TP-Link TL-SG3424P - page 272

4) In the prom pt page t hat showed be low , double clic k on the Internet Protocol (TCP/IP) . Figure B-2 5) The followin g TCP/IP Prope rties window wi ll displa y and the IP Address t ab is open on this window by default. Figure B-3 262 ...
TP-Link TL-SG3424P - page 273

6) Sel ect Use the following IP address. And the fo llowing ite ms will be available. I f the switch's IP address is 1 92.168.0. 1, specify IP addr ess as 192.168.0. x (x is from 2 to 254), and the Subnet mask as 255.25 5.255.0. 2. In IPv6 netw ork ： 1) On the W in dows tas kba r , click the Sta r t button, and then clic k Control Panel . 2) ...
TP-Link TL-SG3424P - page 274

5) The following TCP/ IP v6 Properties w indow will dis play and the IP Address t ab is open on this window by default. 264 ...
TP-Link TL-SG3424P - page 275

6) Sel ect Use the foll owi ng IP v6 address . And the following items will be av ailable. If the switch's IP address is 30 01::1/64 , specify IP address as 3001::14 fo r exam ple , and the Subnet prefix length as 64 . Now : Clic k OK to sav e your sett ings. Return to CONTEN TS 265 ...
TP-Link TL-SG3424P - page 276

Appendix C: Load Sof tware U sing FTP If there is someth ing wrong w ith the firmware of the switch and t he switch can not be launche d, you can load firmw are to the switch via FTP funct ion. FTP (File Tran sfer Protoc ol), a protocol in th e applicatio n layer, is main ly used to transfer f iles between the remote serv er and the local PCs. It i ...
TP-Link TL-SG3424P - page 277

Figure C- 2 Open Hyper T erminal 2 ） The Connection Descripti on Window wi ll prompt sh own as Figure C -3 . E nter a name int o the Name f ield and click OK . Figure C- 3 Connectio n Description 3 ） Select the port to conn ect in the follow ing figure and then c lick OK . 267 ...
TP-Link TL-SG3424P - page 278

Figure C- 4 Select the p ort to connect 4 ） Configure the port select ed in the step above s hown as t he followi ng figur e. Con figu re B its p er se cond as 384 00, D a ta b i ts as 8, Parit y as None, S top bi t s as 1, Flo w control as None, and the n click OK . Figure C- 5 Port Sett ings 3. Dow nload Firmw are v ia boot U til menu T o downl ...
TP-Link TL-SG3424P - page 279

Figure C- 6 bootUtil M enu As the prom pt is displayed for a shor t time, y ou are suggest ed not to r elease the CTRL - B key until you enter into bootUtil menu after p owering on the sw itch. 3 ） After enterin g into bootUti l menu, please fir stly confi gure the IP para meters of the switch. The format is: ifconf ig ip xxx.xxx. xxx.xxx mask 25 ...
TP-Link TL-SG3424P - page 280

7 ） Please power of f and restar t the switch show n as the following figure. Now you are in the User EXEC mode and ca n manage the swit ch via CLI co mmand. [ TP - LINK ] :  Press CT RL - B to ent er the b ootUti l S ta r t ing . . .  TL - SG34 24 > Return to CONTEN TS 270 ...
TP-Link TL-SG3424P - page 281

Appendix D : 802.1X Client Sof tw are In 802.1X mecha nism, the sup plicant C lient shou ld be equ ipped with t he correspo nding clien t soft ware compl ied with 802. 1X protoco l standar d for 802.1X authentic ation. W hen t he switc h works as the aut henticat or system, plea se take t he following instr uctions to inst all the TpSuppl icant pro ...
TP-Link TL-SG3424P - page 282

Figure D- 3 Welc ome to the I nstallS hield W izard 4) T o continue, cho ose the destinat ion locatio n for the install ation files and cl ick Next on t he followin g screen. Figure D- 4 Choose D estination Locat ion By defau lt, the inst allat ion files ar e saved on t he Progra m Files folder of system d isk. Click the Cha nge button t o modify t ...
TP-Link TL-SG3424P - page 283

Figure D- 5 Instal l the Program 6) The Inst allShie ld Wizard is inst alling TpSu pplicant shown as the followi ng screen. P lease wait. Figure D- 6 Setup S tatus 7) On the fo llowing scree n, click Finish to complete t he insta llation. 273 ...
TP-Link TL-SG3424P - page 284

Figure D- 7 Instal lShi eld Wizard Complete No te: Please pay at tention to t he tips o n the abov e screen. If you have not inst alled W in Pcap 4.0. 2 or the higher ver sion on your co mputer , the 802.1X Cl ient Soft ware TpSup plicant cannot work. It’s recomme nded to go t o http: //www .winpcap.org to dow nload the l atest vers ion of W in P ...
TP-Link TL-SG3424P - page 285

2) Then the fo llowing scree n will app ear . If you want t o stop the remove proc ess, clic k Cancel . Figure D- 9 Prepar ing Setu p 3) On the cont inued scree n, clic k Ye s to rem ove the applicat ion from your PC. Figure D- 10 Uninst all the Appli cation 4) Clic k Finish to complete. Fi gure D- 1 1 Uninst all Complete 3. Configura tion 1) Aft e ...
TP-Link TL-SG3424P - page 286

Fi gure D- 12 TP - LINK 802. 1X Client Enter the Nam e and the Passwo rd specified in t he Authent ication Ser ver . The length of N ame and Pass word shou ld be less than 1 6 characters. 2) Click the Properties but ton on Figure D - 12 to l oad t he following scr een for configur ing the connectio n properties. Figure D- 13 Connecti on Propertie s ...
TP-Link TL-SG3424P - page 287

3) T o continue, cli ck Conne ct button after ent ering the Name and Pa ssword on Figure D - 12 . Then the foll owing scree n will appear to prompt that the Radius serv er is being sear ched. Fi gure D- 14 Authenticati on Dialog 4) W hen passi ng th e a uthentication, the following s creen will ap pear . Fi gure D- 15 Suc cessf ull y Aut henti ca t ...
TP-Link TL-SG3424P - page 288

A1: It’s bec ause the suppor ted DLL file is missing. Y ou are suggeste d to go to http:/ /www .winpcap.org t o download W inPcap 4. 0.2 or the higher v ersion for instal lation, and run the client so ftwar e again. Q2: Is th is TP - LINK 802.1X Client Sof tware co mpliable with the sw itches of t he other manufactur ers? A2: No. This TP - LINK 8 ...
TP-Link TL-SG3424P - page 289

Appendix E : Glossary Access C ontrol List (AC L) ACLs can lim it networ k traffic and restri ct access t o certain users or devices by checking each packet for cer tain IP or MAC ( i.e., Layer 2) information. Boot Pr otocol (BOOT P) BOOTP is use d to provide bootup i nformation for network devi ces, including I P address informati on, the address ...
TP-Link TL-SG3424P - page 290

Generi c Multi cast Re gistr ation Pr otocol (GMRP) GMRP allow s networ k devices to r egister end stat ions with mu lticast grou ps. GMRP re quires that any partici pating networ k devices or e nd stations co mply with the IEEE 802.1 p standard. Grou p Att ribute Regis trat ion Proto col (GA RP) See Generi c Attribute Re gistratio n Protocol. IEEE ...
TP-Link TL-SG3424P - page 291

Layer 2 Data Link lay er in the ISO 7 - Lay er Data Communi cations Protoc ol. This is relate d directly to the hardware int erface for net work dev ices and passes on traffic bas ed on MAC a ddresses. Link A ggregation See Port Trunk. Link A ggregation Cont rol Pr otocol ( LA CP) Allows por ts to automat ically negotiate a trun ked link wit h LACP ...
TP-Link TL-SG3424P - page 292

Secure Shel l (SSH) A secure repla cement for rem ote access funct ions, inclu ding Telnet . SSH can authent icate users with a cry ptographic key , and encrypt data conne ctions betw een management cli ents and th e switch. Simple Network Manageme nt Protoc ol (SNMP) The appli cation proto col in the I nternet su ite of pr otocols whic h offers ne ...

Manufacturer TP-Link Category Switch

Documents that we receive from a manufacturer of a TP-Link TL-SG3424P can be divided into several groups. They are, among others:
- TP-Link technical drawings
- TL-SG3424P manuals
- TP-Link product data sheets
- information booklets
- or energy labels TP-Link TL-SG3424P
All of them are important, but the most important information from the point of view of use of the device are in the user manual TP-Link TL-SG3424P.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals TP-Link TL-SG3424P, service manual, brief instructions and user manuals TP-Link TL-SG3424P. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product TP-Link TL-SG3424P.

Similar manuals

A complete manual for the device TP-Link TL-SG3424P, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use TP-Link TL-SG3424P by users. Manuals are usually written by a technical writer, but in a language understandable to all users of TP-Link TL-SG3424P.

A complete TP-Link manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual TP-Link TL-SG3424P - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the TP-Link TL-SG3424P, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the TP-Link TL-SG3424P, that we can find in the current document
3. Tips how to use the basic functions of the device TP-Link TL-SG3424P - which should help us in our first steps of using TP-Link TL-SG3424P
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with TP-Link TL-SG3424P
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of TP-Link TL-SG3424P in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning TP-Link TL-SG3424P?

Use the form below

If you did not solve your problem by using a manual TP-Link TL-SG3424P, ask a question using the form below. If a user had a similar problem with TP-Link TL-SG3424P it is likely that he will want to share the way to solve it.

Manual TP-Link TL-SG3424P

Summary

TP-Link TL-SG3424P - page 1

TP-Link TL-SG3424P - page 2

TP-Link TL-SG3424P - page 3

TP-Link TL-SG3424P - page 4

TP-Link TL-SG3424P - page 5

TP-Link TL-SG3424P - page 6

TP-Link TL-SG3424P - page 7

TP-Link TL-SG3424P - page 8

TP-Link TL-SG3424P - page 9

TP-Link TL-SG3424P - page 10

TP-Link TL-SG3424P - page 11

TP-Link TL-SG3424P - page 12

TP-Link TL-SG3424P - page 13

TP-Link TL-SG3424P - page 14

TP-Link TL-SG3424P - page 15

TP-Link TL-SG3424P - page 16

TP-Link TL-SG3424P - page 17

TP-Link TL-SG3424P - page 18

TP-Link TL-SG3424P - page 19

TP-Link TL-SG3424P - page 20

TP-Link TL-SG3424P - page 21

TP-Link TL-SG3424P - page 22

TP-Link TL-SG3424P - page 23

TP-Link TL-SG3424P - page 24

TP-Link TL-SG3424P - page 25

TP-Link TL-SG3424P - page 26

TP-Link TL-SG3424P - page 27

TP-Link TL-SG3424P - page 28

TP-Link TL-SG3424P - page 29

TP-Link TL-SG3424P - page 30

TP-Link TL-SG3424P - page 31

TP-Link TL-SG3424P - page 32

TP-Link TL-SG3424P - page 33

TP-Link TL-SG3424P - page 34

TP-Link TL-SG3424P - page 35

TP-Link TL-SG3424P - page 36

TP-Link TL-SG3424P - page 37

TP-Link TL-SG3424P - page 38

TP-Link TL-SG3424P - page 39

TP-Link TL-SG3424P - page 40

TP-Link TL-SG3424P - page 41

TP-Link TL-SG3424P - page 42

TP-Link TL-SG3424P - page 43

TP-Link TL-SG3424P - page 44

TP-Link TL-SG3424P - page 45

TP-Link TL-SG3424P - page 46

TP-Link TL-SG3424P - page 47

TP-Link TL-SG3424P - page 48

TP-Link TL-SG3424P - page 49

TP-Link TL-SG3424P - page 50

TP-Link TL-SG3424P - page 51

TP-Link TL-SG3424P - page 52

TP-Link TL-SG3424P - page 53

TP-Link TL-SG3424P - page 54

TP-Link TL-SG3424P - page 55

TP-Link TL-SG3424P - page 56

TP-Link TL-SG3424P - page 57

TP-Link TL-SG3424P - page 58

TP-Link TL-SG3424P - page 59

TP-Link TL-SG3424P - page 60

TP-Link TL-SG3424P - page 61

TP-Link TL-SG3424P - page 62

TP-Link TL-SG3424P - page 63

TP-Link TL-SG3424P - page 64

TP-Link TL-SG3424P - page 65

TP-Link TL-SG3424P - page 66

TP-Link TL-SG3424P - page 67

TP-Link TL-SG3424P - page 68

TP-Link TL-SG3424P - page 69

TP-Link TL-SG3424P - page 70

TP-Link TL-SG3424P - page 71

TP-Link TL-SG3424P - page 72

TP-Link TL-SG3424P - page 73

TP-Link TL-SG3424P - page 74

TP-Link TL-SG3424P - page 75

TP-Link TL-SG3424P - page 76

TP-Link TL-SG3424P - page 77

TP-Link TL-SG3424P - page 78