User's Guide
Table Of Contents
- Product Overview
- Switch Installation
- Access your switch management page
- Saving configuration and switch between web modes
- Surveillance Mode Web Interface
- Standard Mode Web Interface
- Status
- Network
- Port
- ONVIF
- PoE (Power over Ethernet)
- VLAN
- Voice VLAN
- MAC VLAN
- Surveillance VLAN
- MAC Address Table
- Spanning Tree (STP, RSTP, MSTP)
- LLDP (Link-Layer Discovery Protocol)
- Multicast
- Configure unknown multicast and multicast forwarding method
- Add static multicast group addresses
- Add multicast router ports
- Configure IGMP snooping settings
- Configure IGMP snooping settings for IPv4 multicast traffic.
- Configure multicast querier settings
- View IGMP snooping statistics
- Configure MLD snooping settings
- Configure MLD snooping settings for IPv6 multicast traffic.
- View MLD snooping statistics
- Configure MVR settings
- Configure MVR port settings
- Configure MVR Group Address Table
- Security
- Configure RADIUS settings
- Configure RADIUS network authentication settings
- Configure RADIUS network port settings
- View authenticated sessions
- Configure Management Access
- Configure Management ACL/ACE (Access Control Lists/Access Control Entries)
- Create new access control list
- Configure Port Security
- Configure Protected Ports
- Configure Storm Control
- Denial of Service (DoS)
- DHCP Snooping
- View DHCP Snooping Statistics
- Configure DHCP Option 82 settings
- Configure DHCP Option 82 Circuit ID settings
- Configure IP Source Guard
- Configure IP Source Guard IMPV Binding
- Save DHCP Snooping Database
- ACL
- QoS
- Diagnostics
- Management
- Modify admin password and create new users
- Upgrade switch firmware
- Backup/Restore switch Configuration
- Save switch configuration to NV-RAM / Restore to default
- SNMP
- Configure the SNMP View Table
- Configure the SNMP Group Table
- Configure the SNMP Community Table
- Configure the SNMP Users
- Set the SNMP Engine ID
- Configure the SNMP Trap Management
- Configure the SNMP Notification
- RMON
- View RMON Statstics
- Configure RMON History Table
- Configure RMON Event Table
- Configure RMON Alarm Table
- Create Schedules
- Technical Specifications
- Troubleshooting
- Appendix
© Copyright 2020 TRENDnet. All Rights Reserved.
TRENDnet User’s Guide
TPE-3012LS / TPE-3018LS
103
Security
This chapter contains information about the Port-based security features and the
procedures for setting this feature.
Configure RADIUS settings
Security > RADIUS
This section contains information and configuration procedures for the
Port-based Access Control. Port-based Network Access Control (IEEE 802.1x) is used to
control who can send traffic through and receive traffic from a switch port. With this
feature, the switch does not allow an end node to send or receive traffic through a port
until the user of the node logs on by entering a user name and password.
This feature can prevent an unauthorized individual from connecting a computer to a
port or using an unattended workstation to access your network resources. Only those
users to whom you have assigned a user name and password are able to use the switch
to access the network.
This feature can be used with one of two authentication methods:
• The RADIUS authentication protocol requires that a remote RADIUS server is
present on your network. The RADIUS server performs the authentication of
the user name and password combinations.
• The Dial-in User (local) authentication method allows you to set up the
authentication parameters internally in the switch without an external server.
In this case, the user name and password combinations are entered in the
associated with an optional VLAN when they are defined. Based on these
entries, the authentication process is done locally by the Web Management
Utility using a standard EAPOL transaction.
Note: RADIUS with Extensible Authentication Protocol (EAP) extensions is the only
supported authentication server for this feature.
1. Log into your switch management page (see “Access your switch management page”
on page 11).
2. Click on Security and click on RADIUS.
3. Review the settings. Click Apply to save the settings.
Configure the following parameters as required:
• Retry: Set the number of retries to authorize RADIUS servers.
• Timeout: Set the timeout period in seconds before starting the retry process
again for authorization of RADIUS servers.
• Key String: Set the RADIUS shared secret for all RADIUS servers.
To add a RADIUS server, click Add.
• Address Type – Select the address type to identify the RADIUS server on the
network. Hostname, IPv4, or IPv6
• Server Address – Depending on the address type selected in the previous,
enter the Hostname, IPv4 address, or IPv6 address in the field provided to
identify the RADIUS server.
• Server Port – Enter the RADIUS server port. By default, the RADIUS server port
is set to 1812.
• Priority – Enter the RADIUS server priority value. The lower the number, the
higher the priority value. This can apply if you have multiple RADIUS servers
listed and which will indicate which RADIUS servers to take priority over others
in the list.
• Key String – By default, the Use Default setting is checked to use the Default
Key String/Shared Secret specified in the global settings. If the key
string/shared secret for a specified RADIUS server, uncheck the Use Default
option and enter the key string/shared secret in the field provided.
• Retry – By default, the Use Default setting is checked to use the Retry number
specified in the global settings. If the Retry number for a specified RADIUS
server, uncheck the Use Default option and enter the Retry number in the field
provided.