Cisco Systems MDS 9000 RADIUS and TACACS+

CHAPTER

Send documentation comments to mdsfeedback-doc@cisco.com.

27-1

Cisco MDS 9000 Family Fabric Manager Configuration Guide

OL-6965-03, Cisco MDS SAN-OS Release 2.x

27

RADIUS and TACACS+

Fabric Manager provides the capability to authenticate users with RADIUS or TACACS+.

This chapter includes the following sections:

•Authentication, Authorization, and Accounting, page 27-1

•Configuring RADIUS, page 27-5

•Configuring TACACS+, page 27-8

•Configuring Server Groups, page 27-10

Authentication, Authorization, and Accounting

The authentication, authorization, and accounting (AAA) mechanism verifies the identity of, grants

access to, and tracks the actions of users managing a switch. All Cisco MDS 9000 Family switches use

Remote Access Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System

Plus (TACACS+) protocols to provide solutions using remote AAA servers.

Based on the user ID and password combination provided, switches perform local authentication or

authorization using the local database or remote authentication or authorization using AAA server(s). A

preshared secret key provides security for communication between the switch and AAA servers. This

secret key can be configured for all AAA server or for only a specific AAA server. This security

mechanism provides a central management capability for AAA servers.

CLI Security Options

You can access the CLI using the console (serial connection), Telnet, or Secure Shell (SSH). For each

management path (console or Telnet and SSH), you can configure one or more of the following security

control options: local, remote (RADIUS or TACACS+), or none.

•Remote security control

–

Using Remote Authentication Dial-In User Services (RADIUS). See the “Configuring

RADIUS” section on page 27-5.

–

Using Terminal Access Controller Access Control System plus (TACACS+). See the

“Configuring TACACS+” section on page 27-8.

•Local security control. See the “Local AAA Services” section on page 27-12.

Contents

Main Cisco MDS 9000 Family Fabric Manager Configuration Guide, Release 2.x Page CONTENTS Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page New and Changed Information Page Page Page Preface Audience Organization Page Page Document Conventions Related Documentation Obtaining Documentation Cisco.com Product Documentation DVD Ordering Documentation Documentation Feedback Cisco Product Security Overview Reporting Security Problems in Cisco Products Obtaining Technical Assistance Cisco Technical Support & Documentation Website Submitting a Service Request Definitions of Service Request Severity Obtaining Additional Publications and Information Page Page Page Installation and Configuration About Cisco Fabric Manager Fabric Manager Server Fabric Manager Client Fabric Manager Server Proxy Services Device Manager Performance Manager Cisco MDS 9000 Switch Management Storage Management Solutions Architecture In-Band Management and Out-of-Band Management mgmt0 IPFC Installing the Management Software Before You Install Installation Procedure Page Upgrading the Management Software Downgrading the Management Software Downgrading to Release 2.x or Later Downgrading to Cisco MDS SAN-OS Release 1.3(x) or Earlier Launching the Management Software Integrating Cisco Fabric Manager with Other Management Tools Running Fabric Manager Behind a Firewall Uninstalling the Management Software Page Fabric Manager Server Fabric Manager Server Overview Fabric Manager Server Features Installing and Configuring Fabric Manager Server Installing Fabric Manager Server Unlicensed Versus Licensed Fabric Manager Server Setting the Seed Switch Configuring Flows and Collections with Performance Manager Using the Performance Manager Configuration Wizard Page Installing Fabric Manager Web Services Verifying Performance Manager Collections Fabric Manager Server Fabric Monitoring and Removal Designating a Fabric for Continuous Monitoring Removing a Fabric from Monitoring Fabric Manager Server Properties File Modifying Fabric Manager Server Changing the Fabric Manager Server Username and Password Changing the Polling Period and Fabric Rediscovery Time Using Device Aliases or FC Aliases Saving Device Aliases to the Switch Fabric Manager Client Fabric Manager Client Overview Fabric Manager Advanced Mode Launching Fabric Manager Client Using Fabric Manager Client Multiple Fabric Display Contents Panes Fabric Pane Page Saving the Map Purging Down Elements Main Menu Toolbar Information Pane Logical Domains Pane Physical Attributes Pane Status Bar Context Menus Filtering Detachable Tables Setting Fabric Manager Preferences Page Network Fabric Discovery Modifying Device Grouping Using Alias Names as Enclosures Control of Administrator Access with Users and Roles Fabric Manager Wizards Fabric Manager Troubleshooting Tools Page Device Manager Device Manager Overview Device Manager Features Launching Device Manager Using Device Manager Menu Bar Toolbar Icons Dialog Boxes Tabs Legend Supervisor and Switching Modules Context Menus Setting Device Manager Preferences Fabric Manager Web Services Fabric Manager Web Services Overview Filter Tree Events Performance Inventory Custom Admin Installing Fabric Manager Web Services Page Using Fabric Manager Web Services with SSL Launching and Using Fabric Manager Web Services Monitoring Fabrics from Fabric Manager Web Services Setting Up a Guest User Recovering a Web Services Password Creating Custom Report Templates Generating Custom Reports Viewing Existing Custom Reports Page Performance Manager Performance Manager Architecture Data Interpolation Data Collection Using Performance Thresholds Quick Data Collector and Flow Setup Wizards Page Authentication in Fabric Manager Fabric Manager Authentication Overview Page Best Practices for Discovering a Fabric Setting up Discovery for a Fabric Performance Manager Authentication Fabric Manager Web Services Authentication Cisco Traffic Analyzer Using Cisco Traffic Analyzer with Performance Manager Understanding SPAN Understanding the PAA-2 Understanding Cisco Traffic Analyzer Using Cisco Traffic Analyzer with Fabric Manager Web Services Installing and Launching Cisco Traffic Analyzer Page Page Configuring Cisco Traffic Analyzer Discovering Cisco Traffic Analyzer from Fabric Manager Web Services Accessing Cisco Traffic Analyzer from Fabric Manager Web Services Configuring Cisco Traffic Analyzer for Fabric Manager Releases Prior to 2.1(2) Page Page Page Page Obtaining and Installing Licenses Licensing Terminology Licensing Model Page Page Licensing High Availability Options to Install a License Obtaining a Factory-Installed License Performing a Manual Installation Obtaining the License Key File Installing the License Key File Installing Licenses Using Fabric Manager License Wizard Viewing License Information in Fabric Manager Viewing Licenses Using Fabric Manager Web Services Installing or Updating Licenses Using Device Manager Viewing License Information in Device Manager Uninstalling Licenses Updating Licenses License Expiry Alerts Moving Licenses Between Switches Fabric Manager Server Licensing Page Software Images About Software Images Dependent Factors Essential Upgrade Prerequisites Software Upgrade Methods Determining Compatibility Recognizing Failure Cases Using the Software Install Wizard Page Upgrading from Cisco MDS SAN-OS 1.3(4a) to 2.0(1b) Page File System Manipulation Listing the Files in a Directory Creating a Directory Deleting an Existing File or Directory Copying Files Performing Other File Manipulation Tasks Configuration Files Working with Configuration Files Saving the Configuration File Copying the Configuration File Page Page Cisco Fabric Services About CFS Cisco MDS SAN-OS Features Using CFS CFS Features Enabling CFS for a Feature Locking the Fabric Committing Changes Page Clearing a Locked Session Disabling or Enabling CFS Distribution on a Switch CFS Merge Support A CFS Example Using Fabric Manager Page A CFS Example Using Device Manager Page VSAN Configuration About VSANs Default and Isolated VSANs Default VSANs Isolated VSANs Configuring a VSAN Deleting VSANs Page Dynamic VSAN Configuration About DPVM DPVM Requirements DPVM Databases DPVM Database Distribution Config Database Activation Copying the DPVM Database Autolearn Entries Using the DPVM Setup Wizard Modifying the DPVM Database Using the DPVM tables Page Zone Configuration Zoning Features Zone Implementation Zone Configuration Using the Zone Configuration Tool Edit Full Zone Database Overview Zone Database Information Configuring a Zone Viewing Zone Statistics Adding Zone Members Displaying Zone Membership Information Alias Configuration Page Creating Zones with Aliases Viewing Aliases Converting Zone members to pWWN-based Members Zone Set Creation Active and Full Zone Set Considerations 15-11 Cisco MDS 9000 Family Fabric Manager Configuration Guide OL-6965-03, Cisco MDS SAN-OS Release 2.x Chapter 15 Zone Configuration Zone Set Creation Figure 15-4 shows a zone being added to an active zone set. Figure 15-4 Active and Full Zone Sets Creating Zone Sets Adding Zones to a Zone Set Activating Zone Sets Deactivating Zone Sets Creating Additional Zones and Zone Sets Cloning Zones and Zone Sets Deleting Zones, Zone Sets, and Aliases Zone Enforcement The Default Zone Configuring the Default Zone Policy Performing Zone Merge Analysis Recovering from Link Isolation Importing Zone Sets Exporting Active Zone Sets Full Zone Set Propagation One-Time Distribution Copying a Full Zone Database Migrating a Non-MDS Database Zone-Based Traffic Priority Configuring Zone QoS and Broadcast Attributes About LUN Zoning Configuring a LUN-Based Zone Assigning LUNs to Storage Subsystems About Read-Only Zones Guidelines to Configure Read-Only Zones Configuring Read-Only Zones Backing Up and Restoring Zones Inter-VSAN Routing Configuration Inter-VSAN Routing Understanding IVR IVR Terminology Fibre Channel Header Modifications IVR NAT IVR VSAN Topology Autonomous Fabric ID Service Groups Using IVR NAT and Auto Topology Transit VSAN Guidelines Border Switch Guidelines Service Group Guidelines Using IVR Without IVR NAT or Auto Topology Domain ID Guidelines Transit VSAN Guidelines Border Switch Guidelines Using the IVR Zone Wizard Modifying IVR Modifying IVR NAT and IVR Auto Topology Configuring Service Group Configuring AFIDs Enabling IVR Without NAT Manually Creating the IVR Topology Activating an IVR Topology Clearing the IVR Topology Adding IVR Virtual Domains IVR Zones and IVR Zone Sets IVR Zones Versus Zones Automatic IVR Zone Creation Configuring IVR Zones and Zone Sets Creating Additional IVR Zones and Zone Sets Activating IVR Zone Sets Deactivating IVR Zone Sets Recovering an IVR Full Zone Database Recovering an IVR Full Topology Adding Members to IVR Zones IVR Interoperability Page PortChannel Configuration PortChannel Functionality Using the PortChannel Wizard Page Page Modifying PortChannels Page Interface Configuration Fibre Channel Interfaces About Interface Modes E Port F Port FL Port TL Port TE Port SD Port ST Port Fx Port B Port Auto Mode Configuring Trunking Mode About Interface States Administrative States Operational States Reason Codes 32-Port Configuration Guidelines Configuring Fibre Channel Interfaces Configuring Gigabit Ethernet Interfaces Enabling or Disabling Interfaces Managing Interface Attributes for Ports Page Buffer-to-Buffer Credits Performance Buffers Configuring Buffer-to-Buffer Credits and Performance Buffers Identification of SFP Types Configuring the Management Interface IPFC Interface Configuration FCIP Configuration About Gigabit Ethernet Interfaces Configuring a Basic Gigabit Ethernet Interface FCIP Configuration FCIP and VE Ports FCIP Links FCIP Write Acceleration FCIP Compression Using the FCIP Wizard Page Page Modifying FCIP Links About FCIP Profiles FCIP Interfaces Modifying FCIP Profiles and FCIP Links Verifying Interfaces and Extended Link Protocol Checking Trunk Status Modifying FCIP Write Acceleration or FCIP Compression FCIP Tape Acceleration Page Enabling FCIP Tape Acceleration Configuring Advanced FCIP Interfaces Configuring Peers Peer IP Address Special Frames Using B Port Interoperability Mode 19-16 Configuring B Ports Configuring E Ports FCIP High Availability Fibre Channel PortChannels FSPF VRRP Ethernet PortChannels Ethernet PortChannels and Fibre Channel PortChannels Page iSCSI Configuration Configuring iSCSI About iSCSI 20-2 Page Routing iSCSI Requests and Responses Enabling iSCSI Using the iSCSI Wizard Page Presenting Fibre Channel Targets as iSCSI Targets Dynamically Importing Fibre Channel Targets Configuring Dynamic Importing with Device Manager Creating a Static iSCSI Virtual Target High Availability Static Target Importing Configuring the Trespass Feature Presenting iSCSI Hosts as Virtual Fibre Channel Hosts Dynamic Mapping Initiator Identification Static Mapping Assigning VSAN Membership to iSCSI Hosts Creating a Statically Mapped iSCSI Initiator iSCSI Proxy Initiators 20-15 Configuring the iSCSI Proxy Initiator Access Control in iSCSI Fibre Channel Zoning-Based Access Control iSCSI-Based Access Control Enforcing Access Control iSCSI User Authentication No Authentication Configuring an Authentication Mechanism Restricting iSCSI Initiator Authentication Mutual CHAP Authentication Configuring an iSCSI RADIUS Server Advanced iSCSI Configuration Setting the QoS Values iSCSI Forwarding Mode iSCSI High Availability Multiple IPS Ports Connected to the Same IP Network VRRP-Based High Availability Ethernet PortChannel-Based High Availability Configuring iSCSI Storage Name Services iSNS Client Functionality Creating an iSNS Profile Modifying an iSNS Profile Enabling the iSNS Server Configuring the ESI Retry Count Configuring the SAN Extension Tuner About the SAN Extension Tuner SAN Extension Tuner Setup Data Pattern Prerequisites Using the SAN Extension Tuner Wizard Page FICON Configuration About FICON MDS-Specific FICON Advantages Fabric-Optimization with VSANs FCIP Support PortChannel Support VSANs for FICON and FCP Intermixing Cisco MDS-Supported FICON Features Page FICON Port Numbering FICON Port Numbering Guidelines FCIP and PortChannel Port Numbers Port Addresses Implemented and Unimplemented Port Addresses Installed and Uninstalled Ports FC ID Allocation FICON Cascading FICON VSAN Prerequisites Enabling FICON Creating FICON VSANs and enabling FICON Deleting FICON VSANs Viewing FICON Director History The code-page Option FC ID Last Byte FICON Host Control Host Changes FICON Port Parameters FICON Information Refresh Note Configuring FICON Ports Port Blocking Port Prohibiting Configuring Port Blocking and Port Prohibiting Entering FICON Port Configuration Information Viewing FICON Port Attributes FICON Configuration Files Accessing FICON Configuration Files Copying FICON Configuration Files Editing FICON Configuration Files Managing FICON Configuration Files In Device Manager Port Swapping Port Swapping Guidelines Swapping FICON Ports Clearing FICON Device Allegiance CUP In-Band Management Fabric Binding Configuration Fabric Binding Enforcement Enabling Fabric Binding Configuring a List of Switch WWNs In a Fabric Activating Fabric Binding Saving Fabric Binding Configurations Deactivating Fabric Binding Fabric Binding CopyActive to Config Creating a Fabric Binding Configuration Deleting a Fabric Binding Configuration Viewing Fabric Binding Active Database Viewing Fabric Binding Violations Clearing Fabric Binding Statistics Displaying RLIR Information Calculating FICON Flow Load Balance Page Page Page Configuring Intelligent Storage Services Intelligent Storage Services Enabling Intelligent Storage Services Disabling Intelligent Storage Services SCSI Flow Services Configuring SCSI Flow Services Fibre Channel Write Acceleration Configuring Fibre Channel Write Acceleration SCSI Flow Statistics Enabling SCSI Flow Statistics Viewing SCSI Flow Statistics and Clearing SCSI Flow Statistics SANTap Transparent Mode Proxy Mode-1 Proxy Mode-2 Configuring SANTap NASB Configuring NASB Page Page Additional Configuration Fibre Channel Time Out Values The fctrace Feature Performing an fctrace Operation The fcping Feature Invoking the fcping Feature Configuring World Wide Names Link Initialization WWN Usage Flat FC ID Allocation Loop Monitoring Initiation Switch Interoperability Page Interoperability Configuration Configuring Interoperability Page Page Page Page Users and Common Roles Role-Based Authorization Configuring Common Roles Creating Common Roles Editing Rules For Common Roles in Device Manager Deleting Common Roles Configuring the VSAN Policy Modifying the VSAN Policy Configuring User Accounts Creating or Updating Users Creating Strong Passwords Adding a User Deleting a User Viewing User Information Configuring SSH Services Generating the SSH Server Key Pair and Enabling SSH Deleting a Generated Key Pair Recovering Administrator Password Page SNMP Configuration About SNMP SNMP Version 1 and Version 2c SNMP Version 3 SNMP v3 CLI User Management and AAA Integration CLI and SNMP User Synchronization Software Upgrade Synchronization Restricting Switch Access Adding a Community String Deleting a Community String Adding A Community String to the communities.properties File Understanding Users Adding a User Deleting a User Viewing SNMP Community and User Information Group-Based SNMP Access Assigning SNMPv3 Users to Multiple Roles Configuring SNMP Notifications Page Page RADIUS and TACACS+ Authentication, Authorization, and Accounting CLI Security Options SNMP Security Options Switch AAA Functionalities Authentication Authorization Accounting Remote AAA Services Remote Authentication Guidelines Server Groups AAA Service Configuration Options Configuring RADIUS Setting the RADIUS Server for Authentication and Accounting Page Setting the Global Preshared Key Defining Vendor-Specific Attributes VSA Format Specifying SNMPv3 on AAA Servers Configuring TACACS+ About TACACS+ Enabling TACACS+ Setting the TACACS+ Server Defining Custom Attributes for Roles Supported TACACS+ Servers Configuring Server Groups Distributing AAA server Configuration Enabling the distribution Starting a Distribution Session on a Switch Committing the Distribution Discarding the Distribution Session Local AAA Services Disabling AAA Authentication Page IP Access Control Lists IP-ACL Configuration Guidelines Filter Contents Protocol Information Address Information Port Information Page Using the IP-ACL Wizard Creating Complex IP-ACLs Using Device Manager Associating IP-ACL Profiles to Interfaces Removing Associations Between IP-ACL Profiles and Interfaces Deleting IP Profiles Page IPsec and IKE Configuring IPsec Network Security The 14/2-Port Multiprotocol Services Module IPsec Prerequisites IPsec Compatibility About IPsec About IKE IPsec and IKE Terminology Supported IPsec Transforms Supported IKE Transforms and Algorithms Supported Algorithms for Windows and Linux Platforms Enabling IPsec Using FCIP Wizard Modifying IKE and IPsec Crypto ACL Guidelines Mirror Image Crypto ACLs Page The any Keyword in Crypto ACLs Configuring Crypto IP-ACLs Transform Sets Crypto Map Entries SA Establishment Between Peers The AutoPeer Option SA Lifetime Negotiation Perfect Forwarding Secrecy Creating or Modifying Crypto Maps Applying a Crypto Map Set to an Interface IPsec Maintenance Global Lifetime Values Page FC-SP and DHCHAP Fibre Channel Security Protocol About DHCHAP DHCHAP Compatibility with Existing Cisco MDS Features Configuring DHCHAP Authentication Enabling DHCHAP Configuring DHCHAP Authentication Modes Changing the DHCHAP Hash Algorithm Changing DHCHAP Group Settings Configuring the DHCHAP Password Configuring the DHCHAP Password for the Local Switch Configuring Remote Passwords for Other Devices Setting the DHCHAP Timeout Value Configuring DHCHAP AAA Authentication Enabling FC-SP on ISLs Port Security About Port Security About Auto-Learn Auto-Learning Device Authorization Port Security Enforcement Configuring Port Security Enabling Port Security Activating Port Security with Auto-Learn Displaying Activated Port Security Settings Displaying Port Security Statistics Displaying Port Security Violations Turning Auto-Learning On or Off Example of Port Security Authorization Configuring Port Security Manually WWN Identification Manually Configuring Port Security Deleting a Port Security Pair Database Interaction 31-9 Database Scenarios Activating the Port Security Database Database Activation Rejection Forceful Port Security Activation Database Reactivation Copying an Active Database to the Config Database Page Page Page Network Monitoring SAN Discovery and Topology Mapping Device Discovery Topology Mapping Using the Topology Map Saving a Customized Topology Map Layout Using Enclosures with Fabric Manager Topology Maps Mapping Multiple Fabrics Inventory Management Using the Inventory Tab from Fabric Manager Web Services Configuring System Message Logging Syslog Server Logging Facilities and Severity Levels Page Page Configuring Message Logging Configuring a Syslog Server Verifying Syslog Servers from Fabric Manager Web Services Viewing Logs from Fabric Manager Web Services Viewing Logs from Device Manager Health and Event Monitoring Fabric Manager Events Tab Event Information in Fabric Manager Web Services Reports Events in Device Manager Performance Monitoring Real-Time Performance Monitoring Device Manager Real-Time Performance Monitoring Fabric Manager Real-Time ISL Statistics Historical Performance Monitoring Creating a Flow with Performance Manager Creating a Collection with Performance Manager Using Performance Thresholds Using the Performance Manager Configuration Wizard Starting and Stopping Data Collection Viewing Performance Manager Reports Performance Summary Performance Tables and Details Graphs Viewing Performance of Host-Optimized Port Groups Generating Top10 Reports in Performance Manager Generating Top10 Reports Using Scripts Exporting Data Collections to XML Files Exporting Data Collections in Readable Format Configuring Performance Manager for Use with Cisco Traffic Analyzer Page Page Third-Party Integration Call Home Configuration Cisco AutoNotify Configuring Call Home Configuring Call Home Destination Profiles and Alert Groups Call Home Message Severity Levels Event Triggers Page Message Contents Page Page Page Page Page Configuring SNMP Events Filtering SNMP Events Configuring SNMP Event Destinations Configuring Event Security Viewing the SNMP Events Log Configuring RMON Using Threshold Manager Enabling RMON Alarms by Port Enabling RMON Alarms for VSANs Enabling RMON Alarms for Physical Components Managing RMON Events Managing RMON Alarms Viewing the RMON Log Page Page Troubleshooting Your Fabric Troubleshooting Tools and Techniques Cisco Traffic Analyzer Cisco Protocol Analyzer Analyzing Switch Device Health Online System Health Management Loopback Test Configuration Frequency Performing Internal Loopbacks Performing External Loopbacks Hardware Failure Action Analyzing Switch Fabric Configuration Analyzing End-to-End Connectivity Configuring a Fabric Analyzer About the Cisco Fabric Analyzer Local Text-Based Capture Remote Capture Daemon GUI-Based Client Configuring the Cisco Fabric Analyzer Sending Captures to Remote IP Addresses Displaying Captured Frames Defining Display Filters Capture Filters 35-12 Permitted Capture Filters list. Using the Ping Tool menus for hosts and storage devices in the Fabric pane. You see the Ping dialog box. Using Traceroute and Other Troubleshooting Tools Analyzing the Results of Merging Zones Issuing the Show Tech Support Command Locating Other Switches Getting Oversubscription Information in Device Manager Management Software Troubleshooting Page Installation Issues When installing Fabric Manager from windows, clicking the install button fails. How do I install Java Web Start on a UNIX machine? Why cant I launch Fabric Manager on Solaris? Why is my browser prompting to save JNLP files? Why do I get a Java Web Start not detected error? Why cant I see my desktop shortcuts? How do I upgrade to a newer version? How do I downgrade Fabric Manager or Device Manager? What do I do if my upgrade is not working? Java Web Start hangs on download dialog. What do I do? How can I manually configure my browser for Java Web Start? Can I run Java Web Start from the command line? Windows 2000 crashes (blue screen). What do I do? How do I clear the Java Web Start cache? Why doesnt my login work in Fabric Manager and Device Manager? Why cant I install Fabric Manager or Device Manager when pcAnyWhere is running? The Fabric Manager or the Performance Manager service shows up as disabled in the Services menu. General Page Page Windows Issues Page UNIX Issues Why do the parent menus disappear? Why do I keep getting a "too many open files" error? Other How can I set the map layout so it stays after I restart Fabric Manager? Two switches show on my map, but I only have one switch There is a red/orange/dotted line through the switch. Whats wrong? Page Page Page Page Can I upgrade without losing my map settings? How can I preserve historical data when moving Fabric Manager server to a new host? Are there any restrictions when using fabric manager across FCIP? I see Please insure that FM server is running on localhost. How can I run Cisco Fabric Manager if I have multiple interfaces? Manually specifying an interface for Fabric Manager Server Manually specifying an interface for Fabric Manager Client or Device Manager How can I configure an HTTP proxy server? How can I clear the topology map? Can I use Fabric Manager in a mixed software environment? I get an error when launching Fabric Manager Can I search for devices in a fabric? Do I need a license of Fabric Manager Server for each switch in the fabric? How can I manage multiple fabrics? License expiration causes orange X through switch A GUI/CLI Usage Chart Procedures Page Page Page Page Page B Interface Nonoperational Reason Codes Page C Managing Cisco FabricWare Fibre Channel Support Zone Configuration Security Events Managing Cisco FabricWare with Fabric Manager Page INDEX Numerics A B C D E F Page G H I Page Page K L M N O P R S Page T U V W Z