1. Home
  2. TP-Link
  3. TP-Link TL-SG2008P User Manual
  4. Page 770

TP-Link TL-SG2008P Jetstream 8 Port Gigabit Smart Managed PoE Switch

Installation Guide - Page 770

For TL-SG2008P.

PDF File Manual, 1146 pages, Read Online | Download pdf file

Loading ...
Loading ...
Loading ...
User Guide 741
Configuring AAA AAA Configuration
2.2 Using the CLI
2.2.1 Adding Servers
You can add one or more RADIUS/TACACS+ servers on the switch for authentication. If
multiple servers are added, the server with the highest priority authenticates the users
trying to access the switch, and the others act as backup servers in case the first one
breaks down.
â–  Adding RADIUS Server
Follow these steps to add RADIUS server on the switch:
Step 1 configure
Enter global configuration mode.
Step 2 radius-server host
ip-address
[ auth-port
port-id
] [ acct-port
port-id
] [ timeout
time
] [
retransmit
number
] [ nas-id
nas-id
] key { [ 0 ]
string
| 7
encrypted-string
}
Add the RADIUS server and configure the related parameters as needed.
host
ip-address
:
Enter the IP address of the server running the RADIUS protocol.
auth-port
port-id
:
Specify the UDP destination port on the RADIUS server for authentication
requests. The default setting is 1812.
acct-port
port-id:
Specify the UDP destination port on the RADIUS server for accounting
requests. The default setting is 1813. Usually, it is used in the 802.1X feature.
timeout
time
:
Specify the time interval that the switch waits for the server to reply before
resending. The valid values are from 1 to 9 seconds and the default setting is 5 seconds.
retransmit
number
:
Specify the number of times a request is resent to the server if the
server does not respond. The valid values are from 1 to 3 and the default setting is 2.
nas-id
nas-id
:
Specify the name of the NAS (Network Access Server) to be contained in
RADIUS packets for identification. It ranges from 1 to 31 characters. The default value is the
MAC address of the switch. Generally, the NAS indicates the switch itself.
key { [ 0 ]
string
| 7
encrypted-string
}: Specify the shared key. 0 and 7 represent the
encryption type. 0 indicates that an unencrypted key will follow. 7 indicates that a symmetric
encrypted key with a xed length will follow. By default, the encryption type is 0.
string
is the
shared key for the switch and the server.
encrypted-string
is a symmetric encrypted key
with a xed length, which you can copy from the conguration le of another switch. The
key or encrypted-key you congure here will be displayed in the encrypted form.
Step 3 show radius-server
Verify the configuration of RADIUS server.
Step 4 end
Return to privileged EXEC mode.
Step 5 copy running-config startup-config
Save the settings in the configuration file.
Loading ...
Loading ...
Loading ...