Send documentation comments to mdsfeedback-doc@cisco.com.
30-4
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-6965-03, Cisco MDS SAN-OS Release 2.x
Chapter 30 FC-SP and DHCHAP
Configuring DHCHAP Authentication
Step 4 Click the Apply Changes icon to enable FC-SP and DHCHAP on the selected switches.
Configuring DHCHAP Authentication Modes
The DHCHAP authentication status for each interface depends on the configured DHCHAP port mode.
When the DHCHAP feature is enabled in a switch, each Fibre Channel interface or FCIP interface may
be configured to be in one of four DHCHAP port modes:
•On—During switch initialization, if the connecting device supports DHCHAP authentication, the
software performs the authentication sequence. If the connecting device does not support DHCHAP
authentication, the software moves the link to an isolated state.
•AutoActive—During switch initialization, if the connecting device supports DHCHAP
authentication, the software performs the authentication sequence. If the connecting device does not
support DHCHAP authentication, the software continues with the rest of the initialization sequence.
•AutoPassive (default)—The switch does not initiate DHCHAP authentication, but participates in
DHCHAP authentication if the connecting device initiates DHCHAP authentication.
•Off—The switch does not support DHCHAP authentication. Authentication messages sent to such
ports return error messages to the initiating switch.
Note Whenever DHCHAP port mode is changed to a mode other than the Off mode, reauthentication is
performed.
Table 30-1 identifies the switch-to-switch authentication behavior between two Cisco MDS switches in
various modes.
Table 30-1 DHCHAP Authentication Status Between Two MDS Switches
Switch N
DHCHAP
Modes
Switch 1 DHCHAP Modes
on auto-active auto-passive off
on
FC-SP
authentication is
performed.
FC-SP
authentication is
performed.
FC-SP authentication
is performed.
Link is brought
down.
auto-Active FC-SP
authentication is
not performed.
auto-Passive
FC-SP authentication
is not performed.
off
Link is brought
down.
FC-SP authentication is not performed.