EasyManuals Logo

Cisco AP775A - Nexus Converged Network Switch 5010 User Manual

Cisco AP775A - Nexus Converged Network Switch 5010
1486 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1098 background imageLoading...
Page #1098 background image
Send documentation comments to mdsfeedback-doc@cisco.com
50-30
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-17256-03, Cisco MDS NX-OS Release 4.x
Chapter 50 Configuring iSCSI
Configuring iSCSI
Local Authentication
See the “Configuring Users” section on page 39-12 to create the local password database. To create users
in the local password database for the iSCSI initiator, the iSCSI keyword is mandatory.
To configure iSCSI users for local authentication using Device Manager, follow these steps:
Step 1 Choose Security > iSCSI.
You see the iSCSI Security dialog box shown in Figure 50-28.
Figure 50-28 iSCSI Security Dialog Box
Step 2 Complete the iSCSI User, Password, and Password Confirmation fields.
Step 3 Click Create to save this new user.
Restricting iSCSI Initiator Authentication
By default, the iSCSI initiator can use any user name in the RADIUS server or in the local database in
authenticating itself to the IPS module or MPS-14/2 module (the CHAP user name is independent of the
iSCSI initiator name). The IPS module or MPS-14/2 module allows the initiator to log in as long as it
provides a correct response to the CHAP challenge sent by the switch. This can be a problem if one
CHAP user name and password has been compromised.
To restrict an initiator to use a specific user name for CHAP authentication using Fabric Manager, follow
these steps:
Step 1 Choose End Devices > iSCSI in the Physical Attributes pane.
You see the iSCSI tables in the Information pane (see Figure 50-5).
Step 2 Right-click the AuthUser field and enter the user name to which you want to restrict the iSCSI initiator.
Step 3 Click the Apply Changes icon to save these changes.
Mutual CHAP Authentication
In addition to the IPS module or MPS-14/2 module authentication of the iSCSI initiator, the IPS module
or MPS-14/2 module also supports a mechanism for the iSCSI initiator to authenticate the Cisco MDS
switch’s iSCSI target during the iSCSI login phase. This authentication requires the user to configure a
user name and password for the switch to present to the iSCSI initiator. The provided password is used
to calculate a CHAP response to a CHAP challenge sent to the IPS port by the initiator.

Table of Contents

Other manuals for Cisco AP775A - Nexus Converged Network Switch 5010

Preview: Reference
Reference886 pages
Preview: Command Reference
Command Reference792 pages
Preview: Release Note
Release Note26 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco AP775A - Nexus Converged Network Switch 5010 and is the answer not in the manual?

Cisco AP775A - Nexus Converged Network Switch 5010 Specifications

General IconGeneral
BrandCisco
ModelAP775A - Nexus Converged Network Switch 5010
CategorySwitch
LanguageEnglish

Related product manuals