Manuals / Q-Logic / Computer Equipment / Network Router

Q-Logic ISR6142 Configuring CHAP, CHAP Definition, „ “Normal Session-Bi-directional CHAP” on page

Models: ISR6142

1 154

Download 154 pages 40.65 Kb

Page 15

3 Configuring CHAP

3 Configuring CHAP

This chapter describes CHAP and provides the procedures for configuring CHAP from the command line interface (CLI).

For procedures, see the following sections:

“Discovery Session—Bi-directional CHAP” on page 3-2

“Discovery Session—Uni-directional CHAP” on page 3-3

“Normal Session—Bi-directional CHAP” on page 3-4

“Normal Session—Uni-directional CHAP” on page 3-5

CHAP Definition

In challenge handshake authentication protocol (CHAP), the authentication agent sends the client program a random value that is used only once and an ID value. Both the sender and peer share a predefined secret. The peer concatenates the random value, the ID, and the secret, and calculates a one-way hash using MD5 (Message-Digest algorithm 5). It sends the hash value to the authenticator, which in turn builds that same string on its side, calculates the MD5 checksum, and compares the result with the value received from the peer. If the values match, the peer is authenticated.

By transmitting only the hash, the secret cannot be reverse-engineered. The ID value is increased with each CHAP dialogue to protect against replay attacks.

SN0054659-00 A

3-1

Image 15

Q-Logic ISR6142 manual Configuring CHAP, CHAP Definition, „ “Discovery Session-Bi-directional CHAP” on page

Contents

User’s Guide iSR6142 Command Line Interface CLIDocument Revision History ChangesSections Affected Introduction Command UsageConfiguring CHAP Command ReferenceImage Initiator Localmap Logout Password Ping Quit Reboot Remote Map Simple Network Management Protocol SNMP Log MessagesList of Tables Index1 Introduction Intended AudienceRelated Materials Availability Technical SupportContact Information Trainingcalasupport@qlogic.com Latin and South America Region„ Logging On to a SAN Router „ Guest Account 2 Command Usage„ Working with SAN Router Configurations Logging On to a SAN RouterGuest Account Working with SAN Router ConfigurationsModifying a Configuration Saving and Restoring Router ConfigurationsSave Router Configuration and Persistence Restore Router Configuration and Persistence „ “Discovery Session-Uni-directional CHAP” on page 3 Configuring CHAPCHAP Definition „ “Discovery Session-Bi-directional CHAP” on page4. Click Discovery Discovery Session-Bi-directional CHAP7. Click Advanced 8. Select Chap Login Information 10. Select Mutual AuthenticationDiscovery Session-Uni-directional CHAP Normal Session-Bi-directional CHAP 6. Click Advanced 7. Select Chap Login Information9. Select Mutual Authentication Normal Session-Uni-directional CHAP SN0054659-00 A 3 - Configuring CHAP Normal Session-Uni-directional CHAPA B C D F H I L P Q R S Set Show T 4 Command ReferenceCommand Listing Table 4-1. CLI CommandsEffect Command SyntaxTable 4-2. Command Line Completion KeystrokeKeywords AdminAuthority SyntaxKeywords BeaconAuthority SyntaxKeywords ClearAuthority SyntaxDate Syntax dateKeywords MMDDhhmmCCYY Keywords add FcipRouteFCIP route modify command example FCIP route remove command example Syntax fru Keywords restoreExamples HelpAuthority Syntaxmemory mgmt ntp Authority None Syntax History HistoryAuthority Keywords cleanupImage Syntax imageKeywords InitiatorAuthority SyntaxInitiator remove command example Keywords LocalmapAuthority SyntaxLocalmap add command example without FC port query Localmap remove command example Authority None Keywords logout LogoutSyntax Passwordpassword AuthorityAuthority PingSyntax ping Examples Ping command exampleAuthority None Syntax quit QuitSyntax Rebootreboot AuthorityKeywords Remote MapAuthority SyntaxRemotemap add command example with SMART-WRITE licenses Remotemap modify command example with SMART-WRITE licenses Remotemap add command example without SMART-WRITE licensesRemotemap remove command example Remotemap modify command example without SMART-WRITE licensesKeywords Remote PeerAuthority SyntaxRemotepeer remove command example Reset factory command example Reset FactoryAdmin session reset factoryKeywords SaveAuthority SyntaxSave traces command examples Authority Syntax setKeywords chap featuressystem Sets system parameters such as symbolic name and log levelSyntax Set CHAPQRouter admin # set chap AuthorityKeywords Set FCAuthority SyntaxSyntax Set Featuresset features AuthorityKeywords Set iSCSIAuthority SyntaxIPv6 Tgt TCP Port No. Min=1024, Max=65535 Keywords Set iSNSAuthority SyntaxExamples Set MgmtAuthority SyntaxExamples Set NTPAuthority SyntaxSet Properties AuthoritySyntax set properties Keywords Set SNMPAuthority Syntax4 - Command Reference Command Syntax 4-46SN0054659-00 A Examples Set SystemAuthority SyntaxShow Authority None Syntax show chapKeywords chap Displays SCSI initiator information iSCSI or FC Displays targets discovered by the router FC, iSCSI, or both Displays the router statistics, both FC and iSCSIshow chap Show CHAPAuthority None SyntaxKeywords Show FCAuthority SyntaxKeywords Show FcipRoutesAuthority SyntaxShow Features Syntax show featuresAuthority None Keywords fc Show InitiatorsSyntax Show iSCSIQRouter admin # show iscsi Authority4 - Command Reference Command Syntax SN0054659-00 A4-57 Keywords Show iSNSAuthority SyntaxShow Localmaps Authority NoneSyntax show localmaps show logs Show LogsAuthority None SyntaxShow Memory Authority NoneSyntax show memory show mgmt Show MgmtAuthority None Syntaxshow ntp Show NTPAuthority None SyntaxSyntax show perf byte initrbyte initwbyte tgtrbyte tgtwbyte Show PerformanceKeywords byte Authority NoneShow Performance byte command example Displaying bytes/sec totalPress any key to stop display Show Presented Initiators Authority NoneSyntax show presentedinitiators Keywords fc Show Presented TargetsShow Presented iSCSI Targets command example Show Properties Authority NoneSyntax show properties Show Remotemaps Authority NoneSyntax show remotemaps Show Remotepeers Authority NoneSyntax show remotepeers show snmp Show SNMPAuthority None Syntaxshow stats Show StatsAuthority None SyntaxData Bytes Xmited 55036896842234 PDUs Rcvd Unexpected I/O Rcvd iSCSI Format Errors Header Digest Errors show system Show SystemAuthority SyntaxKeywords Show TargetsAuthority SyntaxKeywords Show VLANAuthority SyntaxAuthority Admin session Syntax shutdown ShutdownKeywords TargetAuthority SyntaxTraceroute AuthoritySyntax traceroute 4 - Command Reference Command Syntax 4-82SN0054659-00 A „ “Application Modules” on page A-2 „ “iSCSI Driver” on page A-4 A Log MessagesLog Data Informational Log MessagesApplication Modules Table A-1. Application Modules-Informational Log MessagesLog Message Log Message Table A-1. Application Modules-Informational Log Messages ContinuediSCSI Driver Table A-2. iSCSI Driver-Informational Log MessagesLog Message Fibre Channel Driver Table A-3. Fibre Channel Driver-Informational Log MessagesLog Message User Modules Table A-4. User Modules-Informational Log MessagesLog Message Log Message Table A-4. User Modules-Informational Log Messages ContinuedFCIP Table A-5. FCIP-Informational Log MessagesLog Message Table A-7. System-Informational Log Messages TOE DriverSystem Table A-6. TOE-Informational Log Messages„ “Fibre Channel Driver” on page A-20 „ “User Modules” on page A-22 Error Log MessagesTable A-8. Application Module-Error Log Messages „ “Application Modules” on page A-10 „ “iSCSI Driver” on page A-18Log Message Table A-8. Application Module-Error Log Messages ContinuedLog Message Table A-8. Application Module-Error Log Messages ContinuedLog Message Table A-8. Application Module-Error Log Messages ContinuedPage Page Page Page Table A-9. iSCSI Driver-Error Log Messages iSCSI DriverLog Message Page Table A-10. Fibre Channel Driver-Error Log Messages Log MessagesFibre Channel Driver Log Messages Table A-10. Fibre Channel Driver-Error Log Messages ContinuedTable A-11. User Modules-Error Log Messages User ModulesLog Message Log Message Table A-11. User Modules-Error Log Messages ContinuedPage „ “TOE Driver” on page A-30 „ “System” on page A-31 Table A-12. System-Error Log MessagesFatal Log Messages „ “iSCSI Driver” on page A-25 „ “FC Driver” on page A-28Log Message Table A-13. iSCSI Driver-Fatal Log Messages ContinuedLog Message Table A-13. iSCSI Driver-Fatal Log Messages ContinuedFC Driver Table A-14. Fibre Channel Driver-Fatal Log MessagesLog Message Log Message Table A-14. Fibre Channel Driver-Fatal Log Messages ContinuedTable A-15. TOE-Fatal Log Messages TOE DriverLog Message Table A-16. System-Fatal Log Messages SystemLog Message A - Log Messages Fatal Log Messages A-32SN0054659-00 A Table B-1. SNMP Properties B Simple Network Management Protocol SNMPIntroduction SNMP PropertiesParameter SNMP Trap ConfigurationTable B-2. SNMP Trap Configuration Parameters Table B-1. SNMP Properties Continued„ Fibre Channel Port Table Management Information Base MIBSystem Information „ System Information „ Network Port Table „ Fibre Channel Port TableqsrAgentVersion Network Port TableQsrNwPortEntry qsrNoOfGbEPortsqsrIPAddressType qsrNwPortRoleqsrNwPortIndex qsrNwPortAddressModeqsrMacAddress Fibre Channel Port TableqsrNetMask qsrGatewayqsrFcPortIndex qsrFcPortEntryQsrFcPortEntry qsrFcPortRoleqsrFcPortType Sensor TableqsrFcPortWwn qsrFcPortIdqsrSensorType qsrSensorEntryQsrSensorEntry A sensor entry consists of the following sequence of objectsqsrSensorState qsrSensorValueqsrUpperThreshold qsrLowerThreshold„ Agent Shut Down Notification „ Network Port Down Notification NotificationsNotification Objects „ Notification Objects „ Agent Start Up NotificationFibre Channel Port Down Notification Agent Start Up NotificationAgent Shut Down Notification Network Port Down NotificationGeneric Notification Sensor NotificationB - Simple Network Management Protocol SNMP Notifications B-14SN0054659-00 A Index Page Page Page error log messages A-22 messages A-6 Uni-directional CHAP configuration 3-3, 3-5 User modulesiSR6142 Command Line Interface CLI User’s Guide Index-6SN0054659-00 A