INDUCCION SW TP-LINK TL-SG3428 V2

Your best business partner for everything…

Ing. Manuel Matiguán Mayo 2022

manueltm1@[Link] [Link]

(0412) 5538279 @primeT604

Switch TP-Link TL-SG3428 V2

TL-SG3428 V2
Puertos RJ45 24 puertos 10/100/1000 Hardware Version TL-SG3428 2.0

Puertos SFP 4 Gigabit Software Version 2.0.1 Build 20210131 Rel.44230

Boot loader TP-LINK BOOTUTIL(v1.0.0)
Fuente de poder 100-240VAC 50-60Hz

FAN fanless
Switch TP-Link TL-SG3428 V2

TL-SG3428 V2
Switching capacity 56 Gbps
• 24 puertos 10/100/1000
Packet forwarding
rate
41.7 Mpps • 4 puertos gigabit SFP (SM/MM) interfaz LC
MTU size 9216 bytes • Soporta LACP, VLAN (802.1Q), CoS/DSCP
MAC address 16K (802.1p), IPv4/IPv6 Stack, STP, RSTP, etc.
Hasta 8 grupos y 8 puertos por
Link Aggregation
grupo • Gestión vía GUI y CLI
VLAN 4K
Switch TP-Link TL-SG3428 V2
Switch TP-Link TL-SG3428 V2

TOPOLOGÍA PROBADA

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

GESTIÓN DEL EQUIPO

(Consola/Telnet)

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

El Switch TP-LINK TL-SG3428 V2 cuenta con puerto de CONSOLA, y se puede gestionar

con los siguientes parámetros del terminal:

1. Proceder al encendido del equipo.

2. Por defecto Usuario: admin Clave: admin

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

El Switch TP-LINK TL-SG3428 V2 puede gestionar por telnet de la siguiente manera:

1. Proceder al encendido del equipo.

2. El Switch trae por defecto configurada la IP de Gestión [Link] /24 (vlan nativa).
3. Utilizando cable UTP, conecte la PC al switch en cualquiera de sus puertos.
4. Se configura el puerto de red de la PC en la misma subred.
5. Se abre una sesión telnet (Putty) o por vía Web conectando la IP [Link]
6. Por defecto Usuario: admin Clave: admin

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

All rights reserved © PT Group 2018

Confidential & Proprietary Information
User: admin Password: admin
Switch TP-Link TL-SG3428 V2

GESTIÓN DEL EQUIPO

(Web)

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

All rights reserved © PT Group 2018

Confidential & Proprietary Information
User: admin Password: admin
Switch TP-Link TL-SG3428 V2

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

VER INFORMACIÓN DEL SISTEMA

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2
#show system-info
System Description - JetStream 24-Port Gigabit Smart Switch with 4 SFP Slots
System Name - SW-Lab-00
System Location - Lab-EEII-P6
Contact Information - Miguel-Zambrano
Hardware Version - TL-SG3428 2.0
Software Version - 2.0.1 Build 20210131 Rel.44230
Bootloader Version - TP-LINK BOOTUTIL(v1.0.0)
Mac Address - D8-0D-17-54-2B-21
Serial Number - Y213034000270
System Time - 2022-04-16 [Link]
Running Time - 6 day - 3 hour - 17 min - 57 sec

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

USUARIOS Y ROLES

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

NIVELES DE PRIVILEGIOS DE LOS USUARIOS

• Puede editar, modificar y ver todos los

Level: Admin ajustes de las diferentes funciones.

• Puede editar, modificar y ver la mayoria de

Level Operator los ajustes de las diferentes funciones.

• Puede editar, modificar y ver algunos de los

Level Power user ajustes de las diferentes funciones.

• Solo puede ver los austes sin tener el

Level User derecho de editar o modificar.

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

Crear usuarios Localmente

#user name Prueba privilege admin secret 0 Prueba2021 (El Password luego se encripta)
#user name Laboratorio privilege operator password 0 Lab2020

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

PLANTILLA DE CONFIGURACIONES

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

1. Configuración de VLAN

swh-lab-00#configure
swh-lab-00 (config)#vlan 33
#
vlan 4
name "Gestion_Lab"
#
vlan 33
name "Gestion_DCN"
#
vlan 300
name "Servicio_Internet"
#
vlan 2948
name "Servicio_Internet ANZ"

2. Configuración del Nombre y localización del switch.

#
hostname " swh-lab-00"
location "Equipos II P6 Laboratorio"
contact-info "Miguel Zambrano"

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

3. Configuración de uso Horario

#

system-time ntp UTC-04:00 [Link] [Link] 12

no system-time dst

4. Configuración de TACACS
#

tacacs-server host [Link] port 49 timeout 5 key 0 pilsenet

tacacs-server host [Link] port 49 timeout 5 key 0 pilsenet

aaa group tacacs Cantv

server [Link]

server [Link]

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

5. Configuración de AAA
#

aaa authentication login default Cantv local

aaa authentication enable default tacacs local Cantv

user name Administrador privilege admin secret 5 $1$F9F5B;G9L7@6E7H4G:A8@6E:A3D9K0D//*]/-

user name Operador privilege operator secret 5 $1$L:E9G/N:C4N>L0I7@/E7O/J0K1H<H0B;[/![)

user name Power_User privilege power_user secret 5 $1$@5D3J>L:D2F3F7@9I1N<L5B;E=O3H/B>*(}['

user name User privilege user secret 5 $1$C5L5O4F>H6M=I;M:L/N7@0@7G1G0H>A6**)},

user name admin privilege admin secret 5 $1$B0B2B>B8G9E6J4J6D2H8D9@=D9H/A>L2$'}./

user name soporte privilege admin secret 5 $1$M>G5J;D8K7H2E9F:C3M0I1D8J1H8C/E4}*].-

no service reset-disable#

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

6. Configuración de servidor SSH

ip ssh server

7. Configuración de TELNET
El Protocolo de Acceso Telnet viene activado por defecto en el equipo. Deshabilite Telnet y verifique que no se puede
acceder mediante ese servicio.

swh-lab-00(config)#telnet disable

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

8. Configuración de Servidor SNMP.

snmp-server

snmp-server community "MeTalclientsw" read-write "viewDefault"

snmp-server host [Link] 162 "admin" smode v2c slev noAuthNoPriv type trap

snmp-server host [Link] 162 "MeTalclientsw" smode v2c slev noAuthNoPriv type trap

snmp-server host [Link] 162 "MeTalclientsw" smode v2c slev noAuthNoPriv type trap

snmp-server host [Link] 162 "MeTalclientsw" smode v2c slev noAuthNoPriv type trap

snmp-server traps snmp

snmp-server traps cpu

snmp-server traps memory

snmp-server traps vlan create

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

9. Configuración de Ruta Estática al Default Gateway de La “Gestión”.

#

ip route [Link] [Link] [Link]

10. Configuración de Nivel de Prioridad del LACP

#

lacp system-priority 65535

11. Configuración de Interface Lógica para LAG LACP UPLINK del SW

#

interface port-channel 2

description "UPLINK y LACP"

switchport general allowed vlan 4,33,300,2948-2949 tagged

#
All rights reserved © PT Group 2018
Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2
12. Configuración viene por defecto VLAN NATIVA para gestión Local
interface vlan 1

ip address [Link] [Link]

no ipv6 enable

13. Configuración de VLAN de GESTION

interface vlan 33

description " Gestion_DCN"

ip address [Link] [Link]

no ipv6 enable

14. Configuración de VLAN de GESTION LOCAL

interface gigabitEthernet 1/0/1

description "GESTION LOCAL con PC"

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

15. Configuración de Interface de servicios Tagged Puerto Troncal

#

interface gigabitEthernet 1/0/1

description "Conexion_LAN"

switchport general allowed vlan 2948-2949,300 tagged

16. Configuración Interface de Internet LAN puerto de acceso

#

interface gigabitEthernet 1/0/2

description "Internet-LAN"

switchport general allowed vlan 2948 untagged

switchport pvid 2948

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

17. Configuración de Las Interfaces LAG LACP UPLINK hacia la metro

#
interface gigabitEthernet 1/0/25
description "ALU-SW4-1/1/6LAG"
channel-group 2 mode active
ddm temperature_threshold high_alarm 120.000000
ddm temperature_threshold low_alarm -15.000000
ddm temperature_threshold high_warning 75.000000
ddm temperature_threshold low_warning -5.000000
ddm voltage_threshold high_alarm 5.200000
ddm voltage_threshold low_alarm 2.400000
ddm voltage_threshold high_warning 3.600000
ddm voltage_threshold low_warning 3.000000
ddm tx_power_threshold high_alarm 6.000000
ddm tx_power_threshold low_alarm 0.010000
ddm tx_power_threshold high_warning 4.000000
#
All rights reserved © PT Group 2018
Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

17. Configuración de Las Interfaces LAG LACP UPLINK hacia la metro

interface gigabitEthernet 1/0/26
description "ALU-SW4-2/2/6LAG"
channel-group 2 mode active
ddm temperature_threshold high_alarm 120.000000
ddm temperature_threshold low_alarm -15.000000
ddm temperature_threshold high_warning 75.000000
ddm temperature_threshold low_warning -5.000000
ddm voltage_threshold high_alarm 5.200000
ddm voltage_threshold low_alarm 2.400000
ddm voltage_threshold high_warning 3.600000
ddm voltage_threshold low_warning 3.000000
ddm tx_power_threshold high_alarm 6.000000
ddm tx_power_threshold low_alarm 0.010000
ddm tx_power_threshold high_warning 4.000000
#

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

18. Configuración de lista de Accesos (ACL)

#
access-list create 500 name "ACL-CANTV"

access-list ip 500 rule 10 permit logging disable sip [Link] sip-mask [Link]

access-list ip 500 rule 20 permit logging disable sip [Link] sip-mask [Link]

access-list ip 500 rule 30 permit logging disable sip [Link] sip-mask [Link]

access-list ip 500 rule 40 permit logging disable sip [Link] sip-mask [Link]

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

COMANDOS DE USO FRECUENTE

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

VER ESTADO DE LAS INTERFACES

swh-lab-00#show interface status

Port Status Speed Duplex FlowCtrl Active-Medium
---- ------ ----- ------ -------- -------------
Gi1/0/1 LinkDown N/A N/A N/A Copper
Gi1/0/2 LinkDown N/A N/A N/A Copper
Gi1/0/3 LinkDown N/A N/A N/A Copper
Gi1/0/4 LinkDown N/A N/A N/A Copper

swh-lab-00# show ip interface brief

Interface Status Protocol Shutdown IP-Address Type Method
--------- ------ -------- -------- ---------- ---- ------
VLAN4 up up no [Link]/24 Primary Static
VLAN1 up up no [Link]/24 Primary DHCP
VLAN33 up up no [Link]/24 Primary Static

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

VER CONTADORES DE LA INTERFAZ

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

show interface counters gigabitEthernet 1/0/25 show interface counters gigabitEthernet 1/0/26

Port: Gi1/0/25 Port: Gi1/0/26

Tx Collisions: 0 Tx Collisions: 0
Tx Ucast: 746 Tx Ucast: 746
Tx Mcast: 87,672 Tx Mcast: 87,672
Tx Bcast: 1,757 Tx Bcast: 1,757
Tx Jumbo: 0 Tx Jumbo: 0
Tx Pkts: 90,175 Tx Pkts: 90,175
Tx Bytes: 11,155,061 Tx Bytes: 11,155,061
Rx Ucast: 3,729 Rx Ucast: 3,729
Rx Mcast: 66,231 Rx Mcast: 66,231
Rx Bcast: 60,644 Rx Bcast: 60,644
Rx Jumbo: 0 Rx Jumbo: 0
Rx Alignment: 0 Rx Alignment: 0
Rx UnderSize: 0 Rx UnderSize: 0
Rx 64Pkts: 14,912 Rx 64Pkts: 14,912
Rx 65-127Pkts: 101,421 Rx 65-127Pkts: 101,421
Rx 128-255Pkts: 6,492 Rx 128-255Pkts: 6,492
Rx 256-511Pkts: 7,680 Rx 256-511Pkts: 7,680
Rx 512-1023Pkts: 41 Rx 512-1023Pkts: 41
Rx 1024to1518Pkts: 58 Rx 1024to1518Pkts: 58
Rx Pkts: 130,604 Rx Pkts: 130,604
Rx Bytes: 12,422,894 Rx Bytes: 12,422,894

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

GUARDAR CONFIGURACIÓN LOCAL

#copy running-config startup-config

GUARDAR CONFIGURACIÓN EN SERVIDOR

FTP

#copy startup-config tftp ip-address (server ip) filename [Link]

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

VER TABLA DE DIRECCIONES MAC

#show mac address-table

MAC Address Table

------------------------------------------------------------
MAC VLAN Port Type Aging
--- ---- ---- ---- -----
[Link] 33 LAG 2 dynamic aging
[Link] 33 LAG 2 dynamic aging
[Link] 4 LAG 2 dynamic aging
[Link] 4 LAG 2 dynamic aging
[Link] 33 LAG 2 dynamic aging
[Link] 4 LAG 2 dynamic aging
[Link] 4 LAG 2 dynamic aging
[Link] 4 LAG 2 dynamic aging
[Link] 4 LAG 2 dynamic aging
[Link] 33 LAG 2 dynamic aging
All rights reserved © PT Group 2018
Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

BACKUP DE CONFIGURACIÓN (FTP)

copy backup-config tftp ip-address ip-addr filename name

ip-addr: Dirección IP del servidor de TFTP

UPGRADE DE FIRMWARE

#firmware upgrade ip-address ip-addr filename name

name: Nombre del archivo

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

BACKUP DE CONFIGURACIÓN (FTP)

copy backup-config tftp ip-address ip-addr filename name

ip-addr: Dirección IP del servidor de TFTP

UPGRADE DE FIRMWARE

#firmware upgrade ip-address ip-addr filename name

name: Nombre del archivo

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

ACTUALIZACION Y REGRESION
DE VERSIÓN DE SOFTWARE

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

#firmware upgrade ip-address ip-addr filename name

All rights reserved © PT Group 2018
Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

Boot Application / Boot Config

boot application filename { image1 | image 2 } { startup | backup }

boot config filename { config1 | config 2 } { startup | backup }
All rights reserved © PT Group 2018
Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

CONFIGURACIÓN DE PUERTO MIRROR Y MTU

Monitor Session Destination / Source Interface

#monitor session 1 destination interface gigabitEthernet 1/0/6

#monitor session 1 source interface gigabitEthernet 1/0/4-5, 1/0/7 rx tx both

#show monitor sesión 1

Configurar MTU (Parámetro Global)

#jumbo-size (1518-9216)

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

VER POTENCIA DE INTERFAZ ÓPTICA

swh-lab-00#show ddm status

Temperature(C) Voltage(V) Bias Current(mA) Tx Power(mW) Rx Power(mW) Data Ready Rx Los Tx Fault

Gi1/0/25 45.414062 3.292700 19.030000 0.281000 0.251400 False False False

Gi1/0/26 -- -- -- -- -- -- -- --

Gi1/0/27 -- -- -- -- -- -- -- --

Gi1/0/28 -- -- -- -- -- -- -- --

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

VER LOCALMENTE EL LOG DEL EQUIPO

swh-lab-00# show logging buffer level 7 (Valor 0-7)

#2022-04-16 [Link],[SSH]/5/Logout the CLI by mzambr on ssh ([Link]).

#2022-04-16 [Link],[SSH]/5/Logout the CLI by mzambr on ssh ([Link]).

#2022-04-16 [Link],[User]/5/Logout the CLI by vty0 ().

#2022-04-16 [Link],[User]/4/Login the CLI failed by vty0 ().

#2022-04-16 [Link],[User]/4/Login the CLI failed by vty0 ([Link]).

#2022-04-16 [Link],[Link]/5/Gi1/0/24 changed state to up.

#2022-04-16 [Link],[Link]/5/Gi1/0/24 changed state to down.

#2022-04-16 [Link],[SSH]/5/Logout the CLI by mzambr on ssh ([Link]).

#2022-04-16 [Link],[User]/5/Logout the CLI by vty0 ().

All rights reserved © PT Group 2018

Confidential & Proprietary Information
Switch TP-Link TL-SG3428 V2

Gracias, Thanks you, Grazie, Merci,

谢谢

Mayo 2022

[Link]

@primeT604