Switches for Surveillance
Switches for Business WiFi
Wireless Networking for Elevators
Omada Software Controller
Omada Cloud-Based Controller
VIGI Security Manager
Omada Cloud Software Defined Networking (SDN)
Omada’s Software Defined Networking (SDN) platform integrates network devices, including access points, switches and gateways, providing 100% centralized cloud management. Omada creates a highly scalable network—all controlled from a single interface. Seamless wireless and wired connections are provided, ideal for use in hospitality, education, retail, offices, and more.
Omada WiFi 6 (802.11ax)
Need to deploy stable Wi-Fi in high-density environment? Try Omada Wi-Fi 6 technology!
Omada Wi-Fi 6 access points greatly improve experiences in high-density environments, and provides faster speed and greater range for more devices.
WPA3, the Newest Security Protocol
Want to enhance the network security in public WiFi and home WiFi? Try TP-Link WPA3 technology!
To maximum the safety of enterprise and your home WiFi, TP-Link is inserting WPA3, the latest encryption technology, into Omada access points, WiFi routers, range extenders, and more devices.
Pharos Long-Range Wireless
Need to transmit network to long range or remote areas? Try Pharos wireless solution!
Pharos is TP-Link's next-generation outdoor product series, providing long-range outdoor wireless networking solutions for applications such as WISP, Enterprise Bridge (P2P), and Wireless Surveillance (PtMP).
Worried about buffering when using outdoor wireless broadband? Try TP-Link MAXtream technology!
MAXtream, the breakthrough TDMA technology, makes outdoor AP smoother and produces more efficient communications.
Facing the annoying latency when multiple devices connected? Try TP-Link MU-MIMO technology!
MU-MIMO solves this problem by creating multiple simultaneous connections to serve several users with multiple data streams at the same time.
Power over Ethernet (PoE)
Need to deploy your surveillance cameras in your farm? Try TP-Link PoE technology to transmit power and data through one single Ethernet cable.
10G Multi-Gigabit Managed Switches
TP-Link's 10G/multi-gigabit managed switches are equipped with 10 Gbps fiber, 10 Gbps copper, or 2.5 Gbps Copper ports, offering maximum performance and low latency. Reliable and lightning-fast connections to WiFi 6 access points, storage servers, and other switches and devices are easily established.
LiteWave Unmanaged Switches
Need to work at home or expand your wired connections? Try TP-Link LiteWave Switches!
The TP-Link LiteWave Unmanaged Switches provide the simplest and most affordable way to expand your wired network. Just plug and play!
Learn MoreBecome a Partner
Training & Certification
Learn MoreStart Training
Find the Stories
Replacement & Warranty
GPL Code Center
Nowadays, an increasing number of companies allow or even encourage their employees to work with personal mobile devices. The BYOD (Bring Your Own Device) trend will undoubtedly bring vitality back to the business world. However, it is not an easy job for staff to take full advantage of BYOD convenience without compromising safety standards. The threat to network security increases as staff move their devices around the office. It is particularly the case for large companies with multiple departments. Omada SDN Solution deals with these problems by leveraging Multi-SSID features and flexible ACL policies.
To learn more about Omada SDN Solution, see https://www.tp-link.com/omada-sdn/
Let’s take an example to explain this in detail. A company has two departments in a building—R&D and Marketing. Each department is assigned an individual subnet and VLAN. The R&D department is in VLAN 10 and 172.31.10.0/24 subnet segment. The Marketing department is in VLAN 20 and 172.31.20.0/24 subnet segment. In this scenario, staff can bring their personal wireless devices to work and connect to their department network, but not the other department’s network for security purposes.
A whole set of products from the Omada SDN solution (such as the router ER605, the switch TL-SG3428MP, and the access points EAP610) can be used to build the network. All the devices are configured and monitored on a central platform— the Omada Controller OC300. You can access and manage the OC300 using its web UI on your computer.
Here are the steps for dividing the network and ensuring BYOD security using the web UI of OC300.
Step 1. Set up a WAN
Step 2. Set up a LAN and VLANs
Step 3. Set up Wi-Fi
Step 4. Set up an ACL
We are going to set up a WAN connection for the router, which is the internet connection.
1. Go to Settings > Wired Networks > Internet. Select the connection type and configure the parameters according to your ISP. Click Apply to finalize the settings. If you get a dynamic IP from your ISP, you should select Dynamic IP.
If you get a static IP from your ISP, you should select Static IP and enter the IP address, subnet mask, default gateway, and DNS server provided by the ISP.
First, check the default LAN settings.
1. Go to Settings > Wired Networks > LAN. There you can see the default LAN settings.
2. Click . The parameters for LAN are shown in the following table. You can keep the default settings for LAN (VLAN 1).
All the ports
192.168.0.1 – 192.168.0.254
Divide the local network into two more VLANs and IP segments for different departments.
3. To create VLAN 10, click + Create New LAN. Configure the parameters in the following table. Click Save.
172.31.10.1 - 172.31.10.254
3. To create VLAN 20, click + Create New LAN. Configure the parameters in the following table. Click Save.
172.31.20.1 - 172.31.20.254
To make the VLANs take effect, you need to set up port profiles about VLAN setup and then apply them to switch ports accordingly. The port profiles you need are shown in the following figure.
4. Go to Profile. The controller automatically created all the profiles you need according to your VLAN setup, including All, LAN, R&D, and Marketing.
You need to apply the port profiles to the ports according to the following table.
5. Go to Switch Settings. There is the switch on the list. Click . For example, if you want to apply the R&D profile to Port 4 and Port 6, select the two ports on the port list and click Edit Selected. Then set R&D as the profile and click Apply. With this method, you can apply the profiles to other switch ports.
In this example, you need to create multi-SSIDs for different departments in different VLANs, namely R&D Staff in VLAN 10, and Marketing Staff in VLAN 20. The Wi-Fi for each department is applied to all the EAPs and covers the whole office by default. However, you need to distribute different sets of SSIDs and passwords to the staff in each department to connect to the relevant VLAN.
1. To create an SSID for R&D Staff in VLAN 10, go to Wireless Networks and click + Create New Wireless Network. Configure the parameters in the following table. Click Save.
Network Name (SSID)
Customize the password for the wireless network.
Enable VLAN and set the VLAN ID as 10.
2. To create SSID for Marketing Staff in VLAN 20, go to Wireless Networks and click + Create New Wireless Network. Configure the parameters in the following table. Click Save.
Enable VLAN and set the VLAN ID as 20.
3. By default, the Wi-Fi settings are applied to all the EAPs. To check this, go to Devices and select the EAP. Then go to the Config tab, and click WLAN. You can confirm that the Wi-Fi settings are applied to the EAP.
You need to create an ACL rule to segregate VLANs (also departments) from each other. Otherwise, clients in different VLANs will still be able to access each other through the VLAN interfaces.
Go to Network Security > Switch ACL and click + Create New Rule. Configure the parameters in the following table. Click Apply.
R&D and Marketing
Select Network as the type and choose R&D as the source.
Select Network as the type and choose Marketing as the destination.
Finally, you’ve completed the setup, and all the network requirements are met:
1) There are wired and wireless networks for each department.
2) The local network is divided into different departments (VLANs). Each department operates independently of the other, but both departments can access the Internet.
3) BYOD security is guaranteed. Wi-Fi for each department is applied to all the EAPs and covers the whole office. However, we’ll distribute different sets of SSIDs and passwords to the staff in each department to connect to the corresponding VLAN.
For Home Networking
For Smart Home
I would like to be kept up to date with TP-Link news, product updates and promotions.
From United States?
Get products, events and services for your region.
These cookies are necessary for the website to function and cannot be deactivated in your systems.
Site Selection Popup
SMB Product Selection System
tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple
__livechat, __lc2_cid, __lc2_cst, __lc_cid, __lc_cst, CASID
VISITOR_INFO1_LIVE, YSC, LOGIN_INFO, PREF, CONSENT, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC
Analysis and Marketing Cookies
Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.
The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.
Google Analytics & Google Tag Manager & Google Optimize
_gid, _gat, _gat_global, _ga, _gaexp
Google Ads & DoubleClick
NID, IDE, test_cookie, id, 1P_JAR
fr, spin, xs, datr, c_user, sb, _fbp
_ce.s, _CEFT, _gid, cean, _fbp, ceac, _drip_client_9574608, cean_asoc
_hjKB, _fbp, ajs_user_id, _BEAMER_LAST_UPDATE_zeKLgqli17986, _hjid, _gcl_au, _ga, ajs_anonymous_id, _BEAMER_USER_ID_zeKLgqli17986, _hjAbsoluteSessionInProgress, _hjFirstSeen, _hjIncludedInPageviewSample, _hjTLDTest
Hm_lpvt_33178d1a3aad1dcf1c9b345501daa675, Hm_lvt_33178d1a3aad1dcf1c9b345501daa675, HMACCOUNT_BFESS
lms_analytics, AnalyticsSyncHistory, _gcl_au, liap