Send documentation comments to mdsfeedback-doc@cisco.com
45-6
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-17256-03, Cisco MDS NX-OS Release 4.x
Chapter 45 Configuring FC-SP and DHCHAP
DHCHAP
Figure 45-3 FC-SP (DHCHAP) Interface Modes
Step 3 Set the Mode drop-down menu to the DHCHAP authentication mode you want to configure for that
interface.
Step 4 Click the Apply Changes icon to save these DHCHAP port mode settings.
About the DHCHAP Hash Algorithm
Cisco MDS switches support a default hash algorithm priority list of MD5 followed by SHA-1 for
DHCHAP authentication.
Tip If you change the hash algorithm configuration, then change it globally for all switches in the fabric.
Caution RADIUS and TACACS+ protocols always use MD5 for CHAP authentication. Using SHA-1 as the hash
algorithm may prevent RADIUS and TACACS+ usage—even if these AAA protocols are enabled for
DHCHAP authentication.
Configuring the DHCHAP Hash Algorithm
To configure the hash algorithm using Fabric Manager, follow these steps:
Step 1 Choose Switches > Security and then select FC-SP.
Step 2 Click the General/Password tab.
You see the DHCHAP general settings mode for each switch shown in Figure 45-4.
Figure 45-4 General/ Password Tab
Step 3 Change the DHCHAP HashList for each switch in the fabric.
Step 4 Click the Apply Changes icocn to save the updated hash algorithm priority list.
To Next Page
Loading...
