An empty (no members) security group in the active security set will prevent all connections for that security group type. For example, an empty ISL security group will cause the switch to refuse all logins from other switches. To add a security group to a security set:
1.Click Security on the tool bar in the faceplate display or select Security > Edit Security to open the Edit Security dialog.
2.Choose one of the following methods to open the Create a Security Group dialog:
•Click a security set and click Security Group in the tool bar in the graphic window.
•
3.Enter a security group name and select a security group type (ISL, Port, or MS). Remember, only one security group type (1 ISL, 1 Port, 1 MS) in each security set is allowed. The naming conventions for security groups are:
•Must start with a letter
•All alphanumeric chars
•The symbols $_ - and ^ are the only symbols allowed.
4.Click OK to save the change.
Create Security Group Member dialog
Use the Create Security Group Member dialog, shown in Figure 8, to add a member to a security group. Choose options from the Group Member (or manually enter a hex value) and Authentication
Figure 8 Create a Security Group Member dialog
The conventions for ISL security group members are listed below:
•You can enter member World Wide Name (WWN), which must be 16 hex characters, or 23 characters with valid WWN format xx:xx:xx:xx:xx:xx:xx:xx.
•The authentication choices are None and CHAP (Challenge Handshake Authentication Protocol).
•The Secret field is disabled if authentication is set to None. If authentication is CHAP, the Secret field is enabled. The secondary hash and secret are not supported when connecting to other McDATA products.
•Generate is only enabled when authentication is set to CHAP.
•Valid binding entries are 97–127.
26
