Chapter 9 Configuring Authentication

Configuring Authentication Services

TACACS+ Hosts

Use the commands in the following procedure to configure TACACS+ authentication services.

 

Command

Description

Step 1

 

 

enable

Enter Administrator mode.

Step 2

 

 

tacacs-server host 10.7.0.22

Specify the TACACS+ servers to be used for authentication. For

 

tacacs-server host 10.7.0.41

example, specify the TACACS+ servers at 10.7.0.22, 10.7.0.41,

 

and 10.7.0.45 for use by the storage router. Because no port is

 

tacacs-server host 10.7.0.45

 

specified, the authentication requests use the default port 49. The

 

 

global timeout value is also used.

 

 

Like RADIUS servers, TACACS+ servers are accessed in the order

 

 

in which they are defined (or for a specified server group, in the

 

 

order they are defined in the group).

 

 

See the Cisco SN 5400 Series Storage Router Command Reference

 

 

for more information about the tacacs-server host command.

Step 3

 

 

tacacs-server key tacacs123SN

Configure the global authentication and encryption key to be used

 

 

for all TACACS+ communications between the SN 5428-2 and the

 

 

TACACS+ servers. For example, set the key to tacacs123SN.

 

 

This key must match the key used by the TACACS+ daemon.

 

 

 

Local Username Database

Use the commands in the following procedure to configure a local username database.

 

Command

Description

Step 1

enable

Enter Administrator mode.

Step 2

 

 

username labserver password

Enter a user name and password for each host requiring

 

foo

authentication prior to access to storage and for each user

 

username labserver2 password

requiring Monitor mode access to the SN 5428-2 via console,

 

Telnet or SSH management sessions. For example, add the

 

foo2

 

following user name and password combinations:

 

 

 

 

labserver and foo

 

 

labserver2 and foo2

For iSCSI authentication, user name and password pairs must match the CHAP user name and password pairs configured for the iSCSI drivers that require access to storage via the SCSI routing instances that have iSCSI authentication enabled.

If other services are also used (such as RADIUS or TACACS+), these user name and password pairs must also be configured within the databases those services use for authentication purposes.

Cisco SN 5428-2 Storage Router Software Configuration Guide

 

OL-5239-01

9-13

 

 

 

Page 13
Image 13
Cisco Systems SN 5428-2 manual TACACS+ Hosts, Local Username Database

SN 5428-2 specifications

Cisco Systems SN 5428-2 is a highly versatile and advanced network storage solution designed to meet the demands of data center environments. This robust storage appliance integrates cutting-edge technologies to provide high performance, reliability, and scalability, making it an ideal choice for organizations looking to enhance their data management capabilities.

One of the main features of the SN 5428-2 is its high-density architecture, which allows for efficient utilization of space while providing ample storage capacity. The system supports multiple drive configurations, including HDDs and SSDs, enabling users to tailor their storage solutions based on performance needs and budget constraints. With a significant amount of raw capacity available, organizations can effortlessly handle large volumes of data and support intensive workloads.

The SN 5428-2 boasts advanced data protection technologies, ensuring that critical information is safeguarded against loss or corruption. Features like RAID support provide redundancy and fault tolerance, while snapshot and cloning capabilities offer quick recovery options in case of data breaches or system failures. Additionally, built-in encryption features help protect sensitive data both at rest and in transit.

The appliance incorporates state-of-the-art networking capabilities as well. With support for various network protocols, including iSCSI and Fibre Channel, the SN 5428-2 can seamlessly integrate into existing infrastructures. This adaptability allows for easy connection with different servers and storage systems, facilitating a more cohesive and efficient operational environment.

Furthermore, the SN 5428-2 is designed with scalability in mind. Organizations can start with a basic configuration and expand as their storage needs grow by adding additional drives or connecting more appliances. This flexibility ensures that businesses can continue to meet their evolving data demands without the need for complete system overhauls.

Management and monitoring of the SN 5428-2 are simplified through a user-friendly interface that provides real-time insights into system performance, capacity utilization, and health status. Administrators can easily configure and manage storage resources, making operational tasks more efficient.

In summary, Cisco Systems SN 5428-2 stands out in the realm of storage solutions by combining high density, robust data protection, advanced networking capabilities, and remarkable scalability. Its thoughtful design and features make it an essential tool for organizations looking to enhance their data storage infrastructure and improve overall performance. With its reliable and efficient performance, the SN 5428-2 is well-suited for a wide array of data center applications.