Appendix A Configuring iSCSI on the Sun StorageTek 2510 Array 105
■ iSCSI Ethernet - TCP/IP Performance Page
■ iSCSI Session Details Page
■ iSCSI Ethernet-MAC Performance Page
■ iSCSI Ethernet - TCP/IP Performance Page
■ iSCSI Session Details Page
■ iSCSI Session Summary Page
■ iSCSI Target Details Page
Configuring Mutual Authentication for an iSCSI
Session
In a secure environment, authentication is not required because only trusted
initiators can access the targets.
In a less secure environment, the target cannot determine if a connection request is
truly from a given host. In that case, the target can authenticate an initiator by using
the Challenge-Handshake Authentication Protocol (CHAP).
CHAP authentication uses the notion of a challenge and response, which means that
the target challenges the initiator to prove its identity. For the challenge/response
method to work, the target must know the initiator's secret key and the initiator must
be set up to respond to a challenge.
You can configure mutual authentication for an iSCSI session so that both the iSCSI
initiator and iSCSI target use a CHAP secret.
For security purposes, Sun Microsystems recommends that the initiator and CHAP
secrets be unique.
You can add CHAP secrets when creating an initiator or add it later to an initiator
and target.
▼ To Configure Mutual Authentication
1. Click Sun StorageTek Common Array Manager.
The navigation pane and the Storage System Summary page are displayed.
2. In the navigation pane, expand the storage array you want to work with.
The navigation tree is expanded for that array.
3. Expand Physical Devices and choose Initiators.
To Next Page
Loading...
