Manuals / Q-Logic / Computer Equipment / Network Router

Q-Logic 6140 manual Configuring Chap, CLI-Discovery Session-Bi-directional Chap

Models: 6140

1 250

Download 250 pages 45.66 Kb

Page 201

B Configuring CHAP

CHAP Definition

In challenge handshake authentication protocol (CHAP), the authentication agent sends the client program a random value that is used only once and an ID value. Both the sender and peer share a predefined secret. The peer concatenates the random value, the ID, and the secret; it calculates a one-way hash using MD5 (Message-Digest algorithm 5). It sends the hash value to the authenticator, which in turn builds that same string on its side, calculates the MD5 checksum, and compares the result with the value received from the peer. If the values match, the peer is authenticated.

By transmitting only the hash, the secret cannot be reverse-engineered. The algorithm increases the ID value with each CHAP dialogue to protect against replay attacks.

Configuring CHAP Using CLI

The following sections describe the procedure for configuring CHAP from the command line interface (CLI).

CLI—Discovery Session—Bi-directional CHAP

To configure a bi-directional CHAP used during a discovery session:

1.On the router:

a.Enable CHAP on the port.

b.Create a secret (for example, secret_port).

c.Using the set chap command, choose the iSCSI node that represented the GE port.

d.Use the show iscsi command to find the iSCSI node name of the GE port.

FI0154601-00 C

B-1

Image 201

Q-Logic 6140 manual Configuring Chap, CLI-Discovery Session-Bi-directional Chap

Contents

SANbox 6140 Intelligent Storage Router SANbox 6140 Intelligent Storage Router User’s Guide Document Revision HistorySANbox 6140 Intelligent Storage Router User’s Guide Page Table of Contents Planning Removal/Replacement FI0154601-00 C Command Reference Configuring Chap Simple Network Management Protocol Snmp FI0154601-00 C List of Tables FI0154601-00 C Related Materials Intended AudienceSafety Communications Statements CE Statement Federal Communications Commission FCC Class a StatementVcci Class a Statement Laser Safety InformationElectrostatic Discharge Sensitivity Esds Precautions Accessible PartsGeneral Public License Preamble FI0154601-00 C FI0154601-00 C FI0154601-00 C No Warranty END of Terms and Conditions Ty Coon, President of Vice How to Apply These Terms to Your New ProgramsTechnical Support AvailabilityTraining Contact Information General Description System Fault LED Amber Input Power LED GreenSystem Fault LED Blink Patterns Chassis LEDsMaintenance Button Reset a RouterChassis Controls Reset IP Address Reset and Select Boot ImageEnable Dhcp Restore Factory DefaultsPower on Before firmware Initialization Power OFFFibre Channel Ports Fibre Channel Port LEDsFibre Channel Transceivers Ethernet Port-Management Gigabit Ethernet Port LEDsSerial Port Pin Identification Serial PortDevices PlanningFC Performance Device AccessFibre Channel ISCSIISCSI Performance Related performance characteristics include the followingBandwidth LatencyPerformance Tuning T1 / DS-1 1.554 Mbits/SecT3 / DS-3 45 Mbits/Sec Mbits/Sec OC-3 150 Mbits/Sec OC-1 50 Mbits/SecMultiple Routers ManagementOC-12 and Above 621 Mbits/Sec Services RecoverySecurity FI0154601-00 C Site Requirements Management WorkstationManagement Workstation Requirements Environmental Conditions Power RequirementsSANbox 6140 Router and Accessories Installing the SANbox 6140 RouterInstall the Transceivers Pre-installation Check ListPre-installation Checklist Mount the RouterConnect the Management Workstation to the Router Configure the Management WorkstationConfiguring the Workstation Serial Port Setting the Workstation IP AddressWindows Installation Install SANsurfer iSCSI/FC Router ManagerConnect the router to the power see Select the Intelligent Storage Routers iconLinux Installation For Linux, enter the following commandStart SANsurfer iSCSI/FC Router Manager Configure the Router Connect the Router to AC PowerCable Devices to the Router Telnet 10.0.0.1 username guest passwordUsing SANsurfer iSCSI/FC Router Manager to Install Firmware Firmware InstallationUsing the CLI to Install Firmware Enter your username and password. For exampleType y to reboot the system Enter reboot. The following message displaysAt the ftp prompt, type bin to set binary mode. For example Following message displaysThis section describes the following conditions Chassis DiagnosticsPower-On Self-Test Diagnostics Input Power LED is OffSystem Fault LED is On LED Blink Patterns System Error Blink PatternHeartbeat Blink Pattern OK OperationalManagement Port IP Address Conflict Blink Pattern Over-Temperature Blink PatternRecovering a Router FI0154601-00 C SFP Transceiver Removal and Replacement Removal/ReplacementRouter Removal and Replacement ReplacementRemoval Introduction SANsurfer iSCSI/FC Router ManagerSANsurfer Router Manager Main Window Sections Menu BarSettings Menu File MenuView Menu 7shows the Wizards drop-down menu Wizards Menu8shows the Help drop-down menu Help MenuAction Menu Tool BarSANsurfer iSCSI/FC Router Manager Action Menu 11shows the system tree System Tree Window12 Component Information Status Icons and TextRouter FC and iSCSI PortsDiscovered iSCSI Initiators ISCSI Presented Targets FC Discovered TargetsFC discovered target icons LUN iconsInformation SANbox 6140 RouterConnectivity Basic Information14 Information Tabbed Page Management Information Management InformationFI0154601-00 C 15 Information Tabbed Page NTP Server Information NTP Server Information16 Information Tabbed Page Security Information Security InformationSnmp Configuration Snmp ManagementSnmp Management tabbed page provides the following options Snmp Trap Receivers Snmp Settings„ Link Status Port status, either Link Up or Link Down FC Ports19 FC Port Advanced Configuration Tabbed Advanced ConfigurationClick OK to close the message box Save FC Port Settings Complete20 FC Port Statistics StatisticsISCSI port display consists of three tabs „ Information ISCSI PortsISCSI Port Network Settings ISCSI Port Information„ Actual FI0154601-00 C 22 Enable iSNS Server with IPv4 Address Enable iSNSAdvanced iSCSI Port Parameters 24 Advanced Configuration TabbedFI0154601-00 C Discovered iSCSI Initiators Initiator Information 25 Discovered iSCSI Initiator Tabbed PagesChap Settings 26 LUN List Tabbed LUN List27 FC Discovered Targets Information Tabbed FC Discovered Targets28 LUN List Tabbed 29 iSCSI Presented Target List Tabbed ISCSI Presented Target List Tabbed30shows the Discovered LUN Information tabbed Discovered LUN Information TabbedFI0154601-00 C 31shows the LUN Presentation Information 1 tabbed LUN Presentation Information 1 and 2 Tabbed Pages32 iSCSI Presented Targets Tabbed Pages ISCSI Presented TargetsInformation Tabbed 33 LUN Presentation Information Tabbed LUN Presentation Information Tabbed34 Discovered LUN Information Tabbed Discovered LUN Information35 Wizards Menu Wizards36 iSCSI Port Selection Dialog Box Configuration WizardClick Next „ IP Address „ Subnet Mask „ GatewayISCSI Port IPv6 Settings Panel appears, as shown in Figure 38 iSCSI Port IPv6 Settings PanelConfirm Changes dialog box displays, as shown in Figure 39 Confirm Changes Dialog BoxWizard displays a Warning message, as shown in Figure Enter the password, then click OK42 iSCSI Port Configuration Status Read the information, then click Finish System displays the Finish dialog box, as shown in Figure44 Create an Initiator Dialog Box Add Initiator WizardSecurity Check dialog box displays, as shown in Figure 45 Security Check Dialog Box47 Router Selection Dialog Box FW Update Wizard48 Firmware File Selection Dialog Box 49 Confirm Changes Dialog Box 51 Firmware Update Status Dialog Box-Progress Presentation Wizard 53 Device Selection Dialog Box LUN Mapping dialog box displays, as shown in Figure 54 LUN Mapping Dialog Box55 Confirm Changes Dialog Box Finish dialog box displays, as shown in Figure 57 LUN Masking Configuration Status Dialog BoxClick Finish to complete the Presentation wizard 59 Finish Dialog Box60 Device Selection Dialog Box Presentation Unmap WizardConfirm the LUN mapping changes by clicking Next 61 Select the Initiator for the LUN Presentation Dialog BoxClick Finish to close the wizard 63 Security Check Dialog BoxLogging on to a SAN Router Command ReferenceModifying a Configuration Working with SAN Router ConfigurationsSaving and Restoring Router Configurations „ LUN Mapping, which uses the following commandSave Router Configuration and Persistence Restore Router Configuration and Persistence CLI command syntax is as follows CommandsCommand Table A-1. Command Line CompletionAuthority Admin CommandSyntax KeywordsBeacon Command BeaconOff Clear logs or stats Clear CommandLogs StatsSyntax date Date CommandMMDDhhmmCCYY Keywords MMDDhhmmCCYYKeywords restore FRU CommandRestore save Syntax fruDisplays a list of the commands and their syntax Help CommandExamples The following example shows the help command Authority None Syntax helpLuns Lunmask Memory Mgmt Ntp Presentedtargets snmp Examples The following example shows the history command Displays a numbered list of the previously entered commandsHistory Authority None Syntax historyCleanup Image CommandImage Unpack fileInitiator Initiator CommandAdd ModPlease select an Initiator from the list above q to quit Logout Command Examples The following example shows the logout commandAuthority None Syntax logout Lunmask Lunmask CommandSeagate Changes the guest and administrator passwords Password CommandExamples The following example shows the passwd command Syntax passwdPing Command Examples The following example shows the ping commandSyntax ping Quit Command Examples The following example shows the quit commandAuthority None Syntax quit Syntax reboot Reboot CommandRestarts the router firmware Authority Admin session Examples The following example shows the reboot commandReset Factory Command Traces Save CommandSet Command Syntax setKeywords chap Configures general router parameters Set Chap CommandFollowing example shows the set chap command Set chapSet FC Command Set fc portnumPortnum FI0154601-00 C Configures an iSCSI port Set iSCSI CommandNumber of the iSCSI port to be configured Following example shows the set iscsi commandFI0154601-00 C Configures iSNS parameters for an iSCSI port Set iSNS CommandNumber of the iSCSI port to be configured for iSNS Following example shows the set isns commandConfigures the router’s management port 10/100 Set Mgmt CommandFollowing example shows the set mgmt command Set mgmtConfigures the NTP parameters Set NTP CommandFollowing example shows the set ntp command Set ntpSpecifies the setting of the trap destinations Set Snmp CommandSet snmp TrapdestinationsThat have been changed Will now be saved Configures the general router parameters Set System CommandFollowing example shows the set system command Set systemConfigures the router’s Vlan parameters Set Vlan CommandFollowing example shows the set vlan command Set vlanAuthority None Syntax show chap Show CommandInitiators fc or iscsi InitiatorslunmaskLuns LuninfoPresentedtargets fc or iscsi Targets fc or iscsiDisplays Chap configuration for iSCSI nodes Show Chap CommandExamples The following example shows the show fc command Authority None SyntaxNone Show FC CommandShow fc portnum Identifies the number of the FC port to displayKeywords fc Show Initiators CommandSyntax show initiators fc Specifies the display of Fibre Channel initiatorsShow Initiators LUN Mask Command Authority NoneSyntax show initiatorslunmask Show iSCSI Command Show iscsi portnumNumber of the iSCSI port to be displayed IPv6 Link Local Show iSNS Command Following example shows the show isns commandShow isns portnum Examples The following example shows the show logs command Show Logs CommandDisplays the router event log Show logsShow luninfo Show Luninfo CommandExamples The following example shows the show luns command Show LUNs CommandDisplays LUN information for each target Show lunsSyntax show lunmask Show Lunmask CommandShow Mgmt Command Following example shows the show mgmt commandShow mgmt Show ntp Show NTP CommandShow Presented Targets Command Syntax show presentedtargets fcSpecifies the display of FC presented targets 10.3.5.66 Show snmp Show Snmp CommandShow Stats Command Displays the router statistics FC and iSCSIShow stats 60362392962831 55036896842234 IP Fragment Rcvd Out of Order Show system Show System CommandShow targets Show Targets CommandScsi Specifies the display of FC targetsFollowing example shows the show targets iscsi command Show Vlan Command Syntax show vlan portnumKeywords portnum Following example shows the target add command Target CommandTarget Not supportedTargetMap Command Following example shows the targetmap add commandTargetmap Following example shows the targetmap rm remove command Syntax traceroute Traceroute CommandCLI-Discovery Session-Bi-directional Chap Configuring ChapSelect Mutual Authentication Click Advanced Select Chap Login InformationCLI-Discovery Session-Uni-directional Chap Click DiscoveryClick OK Click OK. The initiator completes the normal login CLI-Normal Session-Bi-directional ChapUse Set Chap Click Advanced Configuration Select Enable Chap CLI-Normal Session-Uni-directional ChapGUI-Discovery Session-Bi-directional Chap Type the IQN name string GUI-Discovery Session-Uni-directional ChapClick Add Enter the address of the iSCSI port of the bridge Click OK Click OK. The initiator completes discoveryClick Information Select Enable Chap Click Advanced Click Chap Login InformationGUI-Normal Session-Bi-directional Chap Click AdvancedGUI-Normal Session-Uni-directional Chap Click OK Click OK. The initiator completes normal loginFI0154601-00 C Table C-1. Application Modules-Informational Log Messages Application ModulesTable C-2. Scsi Driver-Informational Log Messages ISCSI DriverTable C-3. Fibre Channel Driver-Informational Log Messages Fibre Channel DriverTable C-4. Application Module-Error Log Messages Error Log MessagesCapacity Table C-4. Application Module-Error Log Messages FI0154601-00 C FI0154601-00 C Table C-5. iSCSI. Driver-Error Log Messages Log Messages Table C-6. Fibre Channel Driver-Error Log MessagesLog Messages Error Log Messages User Modules Table C-7. User Modules-Error Log MessagesLog Message System Table C-8. System-Error Log MessagesTable C-9. iSCSI Driver-Fatal Log Messages Fatal Log MessagesTable C-9. iSCSI Driver-Fatal Log Messages Table C-10. Fibre Channel Driver-Fatal Log Messages FC DriverTable C-10. Fibre Channel Driver-Fatal Log Messages Table C-11. System-Fatal Log Messages FI0154601-00 C Table D-1. Snmp Properties Snmp PropertiesTable D-2. Snmp Trap Configuration Parameters Snmp Trap ConfigurationQsrSerialNumber System InformationQsrHwVersion QsrSwVersionQsrNwPortEntry Network Port TableQsrNwPortIndex QsrNwPortRoleQsrNwPortAddressMode QsrIPAddressTypeFibre Channel Port Table QsrFcPortRole QsrFcPortEntryQsrFcPortIndex QsrFcPortNodeWwnSensor Table Sensor entry consists of the following sequence of objects QsrSensorEntryQsrSensorType QsrSensorIndexQsrUpperThreshold QsrSensorValueQsrLowerThreshold QsrSensorStateQsrEventSeverity Notification ObjectsQsrEventDescription QsrEventTimeStampAgent Shut Down Notification Agent Start Up NotificationNetwork Port Down Notification Fibre Channel Port Down NotificationGeneric Notification Sensor NotificationFI0154601-00 C Index AC power CE statement Account, guest A-2Index-2 FI0154601-00 C FI0154601-00 C Index-3 LUN FI0154601-00 C Index-5 Index-6 FI0154601-00 C TCP Index-8 FI0154601-00 C