Q-Logic 5800V - page 64

2–Planning

Security

2-26 59265-02 B

To secure F_Ports and E_Ports, and pass authorization and authentication to a

RADIUS server:

1. Configure the Radius_1 host as a RADIUS server on Switch_1 and

Switch_2 to authenticate device logins, as shown in the following table:

Specify the server IP address and the secret with which the switches will

authenticate with the server. Configure the switches so that devices

authenticate through the switches only if the RADIUS server is unavailable.

2. Create a security set (Security_Set_1) on Switch_1.

a. Create a port group (Group_Port_1) in Security_Set_1 with Switch_1

and Adapter_1 as members, as shown in the following:

Device Authentication

Order RadiusLocal—Authenticate devices using the

RADIUS server security database first. If the RADIUS

server is unavailable, use the local switch security

database.

Total Servers 1—Enables support for one RADIUS server

Device Authentication

Server True—Enables Radius_1 to authenticate device log-

ins.

Server IP Address 10.20.30.40

Secret 1234567890123456—16-character ASCI string (MD5

hash). This is the secret that allows direct communica-

tion with the RADIUS server.

Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c

Authentication: CHAP

Primary Hash: MD5

Primary Secret: 0123456789abcdef

Adapter_1 Node WWN: 10:00:00:c0:dd:07:c3:4d

Authentication: CHAP

Primary Hash: MD5

Primary Secret: fedcba9876543210

Contents

Main Document Revision History Table of Contents Preface 1 General Description 2 Planning 3 Installation 4 Diagnostics/Troubleshooting 5 Removal/Replacement A Specifications Glossary Index List of Figures List of Tables Preface Intended Audience Related Materials Whats New in this Release Safety Notices Sicherheitshinweise Notes informatives relatives la scurit Advertencias de seguridad Communications Statements Federal Communications Commission (FCC) Class A Statement Canadian Department of Communications Class A Compliance Statement Avis de conformit aux normes du ministre des Communications du Canada CE Statement VCCI Class A Statement Laser Safety Information Electrostatic Discharge Sensitivity (ESDS) Precautions Accessible Parts Pices Accessibles Zugngliche Teile General Public License Preamble Terms and Conditions for Copying, Distribution and Modification Page Page Page How to Apply These Terms to Your New Programs Page qfsApp Program License Technical Support Training Contact Information Page Page 1 Figure 1-1. QLogic 5802V Stackable Fibre Channel Switch Chassis Controls and LEDs Figure 1-2. Chassis LEDs and Controls Input Power LED (Green) Heartbeat LED (Green) System Fault LED (Amber) Maintenance Button Resetting a Switch Placing the Switch in Maintenance Mode Fibre Channel Ports Figure 1-3. Fibre Channel Ports Port LEDs Figure 1-4. Port LEDs Port Logged-In LED (Green) Port Activity LED (Green) Transceivers Port Types Table 1-1. Fibre Channel Port Types Ethernet Port Figure 1-5. Ethernet Port Serial Port Figure 1-6. Serial Port and Pin Identification Table 1-2. Serial Port Pin Identification Power Supplies and Fans Model 5800V Model 5802V Figure 1-7. Model 5802V Power Supplies Switch Management QuickTools Web Applet Enterprise Fabric Suite Command Line Interface Application Programming Interface Simple Network Management Protocol Storage Management InitiativeSpecification File Transfer Protocols 2 Devices Device Access Table 2-1. Zoning Database Limits Performance Distance Table 2-2. Port Transmission Distances Bandwidth Table 2-3. Extended Credit Distances and Cable Lengths Latency Feature Licensing Table 2-4. Port-to-Port Latency Multiple Chassis Fabrics Optimizing Device Performance Domain ID, Principal Priority, and Domain ID Lock Stacking Figure 2-1. Two-Switch Stack Figure 2-2. Three-Switch Stack Page Figure 2-5. Six Switch Stack Common Topologies Cascade Topology Figure 2-6. Cascade-with-a-Loop Topology Mesh Topology Figure 2-7. Mesh Topology MultiStage Topology Figure 2-8. Multistage Topology Transparent Routing Page Page Switch Services Page Internet Protocol Support Security User Account Security IP Security Port Binding Connection Security Device Security Page 2Planning Security 2-22 59265-02 B Security Example: Switches and Adapters with Authentication Figure 2-9. Security Example: Switches and Adapters Page Page Security Example: RADIUS Server Figure 2-10. Security Example: RADIUS Server Page Page Page 2Planning Security 59265-02 B 2-29 Security Example: Host Authentication Figure 2-11. Security Example: Management Server Page Fabric Management Page 3 Site Requirements Fabric Management Workstation Switch Power Requirements Environmental Conditions Table 3-1. Management Workstation Requirements Installing a Switch Figure 3-1. QLogic 5802V Fibre Channel Switch Mount the Switch Install the Transceivers Page Configure the Workstation Configuring the Workstation IP Address for Ethernet Connections Windows Workstation Linux or Solaris Workstation Mac OS X Workstation Configuring the Workstation Serial Port Connect the Switch to AC Power Page Connect the Workstation to the Switch Figure 3-4. Workstation Cable Connections Configure the Switch QuickTools Switch Configuration CLI Switch Configuration Cable Devices to the Switch Installing Firmware Using QuickTools to Install Firmware Using the CLI to Install Firmware One-Step Firmware Installation Page Custom Firmware Installation Adding a Switch to an Existing Fabric Installing Feature License Keys Page 4 Chassis Diagnostics Figure 4-1. Chassis LEDs Input Power LED Is Not Lit System Fault LED Is Lit Power-On Self Test Diagnostics Heartbeat LED Blink Patterns Page Configuration File System Error Blink Pattern Figure 4-4. Configuration File System Error Blink Pattern Over-Temperature Blink Pattern Figure 4-5. Over-Temperature Blink Pattern Logged-In LED Indications Figure 4-6. Logged-In LED E_Port Isolation Page Excessive Port Errors Transceiver Diagnostics Power Supply Diagnostics Figure 4-7. Model 5802V Power Supply LEDs Recovering a Switch Using Maintenance Mode Exiting the Maintenance Menu (Option 0) Unpacking a Firmware Image File in Maintenance Mode (Option 1) Page Remaking the File System in Maintenance Mode (Option 6) Resetting the Switch in Maintenance Mode (Option 7) Updating the Boot Loader in Maintenance Mode (Option 8) 5 Transceiver Removal and Replacement Power Supply Removal and Replacement Figure 5-1. Power Supply Removal Figure 5-2. Power Supply Installation Page A Fabric Specifications Page Maintainability Fabric Management Dimensions Electrical Power Cord Specifications Table A-1. Available Power Cords Table A-1. Available Power Cords (Continued) Region/Country Specification QLogic SKU Number Environmental Regulatory Certifications Glossary Page Page Page Page Page Page Page Index Numerics A B C D E F G H I L M N Q R S T U V W X Z