Assigning Identity Credentials | SANRAD V-Switch instruction

If you are working in a V-Switch cluster, the identity authentication method(s) must be added on both V- Switches.

In the event of a failover, if each identity does not require authentication on both V-Switches, each attached identity will have free access to the target’s underlying volumes.

Assigning Identity Credentials

You can require initiator authentication before allowing access to a target and its underlying volume(s). The V-Switch supports CHAP and SRP authentication methods. Microsoft and Cisco initiators support CHAP. Use the CLI command acl identity add chap/srp to assign a login authentication method(s) to initiators in an identity.

An assigned authentication method encrypts the host login name and password. The authentication method does not encrypt the virtual volume data transferred. The host login and password do not have to relate to the iSCSI initiator WWUI. They can be any selected character strings.

If you are working with a Microsoft initiator and configuring target authentication, note that the V-Switch exchanges the final character in the password with a zero. Therefore, do not configure initiator passwords with a zero as the final character. CHAP passwords must be between twelve to sixteen characters in length.

acl identity add chap

You need to define four parameters to assign the CHAP/SRP authentication method to an identity:

SWITCH	PARAMETER	DEFINITION	STATUS	EXAMPLE

-id	IDENTITY	ALIAS OF IDENTITY	MANDATORY	accounting
-us	USER NAME	INITIATOR USER	MANDATORY	steven
		NAME
-pw	USER PASSWORD	INITIATOR	MANDATORY	oneveryhot
		PASSWORD	UNLESS A	dude
			RADIUS
			SERVER IS USED
			12-16 CHAR
			STRING
-radius	RADIUS	RADIUS SERVER	OPTIONAL	No parameter
			DEFAULT: NO	required
			DEFAULT: NO

Chapter 7: Volume Exposure and Security

125

Image 131

SANRAD V-Switch manual Assigning Identity Credentials

Contents

Sanrad V-Switch International Headquarters Limited Warranty FCC-15 User Information Regulatory Information Safety Notices User Notes Sanrad V-Switch International Headquarters Limited Warranty Regulatory Information Safety Notices User Notes Table of Contents Switch Configuration Volume Exposure & Security Routine Volume Maintenance 195 Volume Configuration Sample Configurations 285 This Chapter Switch Switch Overview Order of Operations Switch Network Topology Chapter Title Description Manual Organization Transparent1 CLI Command Line InterfaceVolume create transparent Vol Esc Tab Technical Assistance Installing the V-Switch Front Panel Chassis Back Panel System Indicator LEDs Switch 2000 LEDs Scsi Rack Mounting Surface Mounting Attach the Rear L-BRACKET Scsi Storage Port Connection Type Storage Port Connections Switch 2000 FC Storage Ports Network Port Cable Connections Network Port Connections Console Port Connection Powering Up Switch 2000 Power Supplies User Notes LCD Switch 3000 Front Panel Installing the V-Switch Switch 3000 LEDs This step works best with two people Switch 3000 Storage Ports Switch 3000 Storage Port LEDs 1000BASE-SXSHORT-WAVE Laser for Switch 3000 Network Ports Management Port Connection Switch 3000 Management Port Compact Flash CF Slot LCD Scalability Port Scalability Port Switch 3000 Power Supplies Switch Configuration Switch Configuration Introduction to Managing the V-Switch Switch Management Options Switch Status OK Configuring the V-Switch 3000 Management Parameters via LCD Configuring the Management Console Telnet Initializing the V-Switch 212.199.43.46 VSwitchInit -n VSwitch -ip Init Device set VSwitch1Changing Management Parameters Changing General Management Parameters Telnet Rcom LocExt4838 Rld Adding an Snmp Manager Changing the Telnet Communications Port Adding User Login Profiles Page Viewing Scsi Storage Ports and Bus IDs Configuring the Storage PortsSetting a Scsi Storage Port Bus ID Fc interface show Alias Configuring an FC Storage PortViewing the FC Port Information Pscsi set busid -if pscsi3 -id Function Gateway Viewing the V-Switch World Wide Node NameFc set -if fc2 -sp 1 -pt nl -cm prl 2000201058001046 212.199.43.56 Configuring the Network PortsIp config set Ip config set -ip 212.199.43.56 -if eth1 -act Removing an IP Address Checking the IP ConfigurationsIp config show Ip config remove -ip Ip config remove Ip isns add Discovering iSCSI TargetsISCSI Discovery Session ISNS Configuring iSCSI Portals Iscsi portal remove Viewing iSCSI PortalsRemoving iSCSI Portals Iscsi portal create -ip Only one of these paths can be configured for V-Switch Configuring IP Routing Adding an IP Route Setting a Default Gateway Removing an IP Route Checking IP RoutesViewing IP Routes 10.12.40.0 255.255.255.0 Eth3 Ip route remove User Notes Switch Cluster Configuration Switch Cluster Configuration Introduction to V-Switch Clusters Switch Cluster Configuration Re-routing Storage Access with Off-line V-Switch Device set -id Configuring a V-Switch ClusterSetting the V-Switch ID Adding a Neighbor 212.199.43.75 VSwitch2Neighbor add -nb VSwitch2 -ip Neighbor add Cluster with Neighbor IP Addresses Cluster show Last Keep Alive Working with Scsi Storage DevicesMaintaining Cluster Communications Pscsi set busid if pscsi3 -id Enabling and Disabling Failover Further V-Switch Cluster ConfigurationsCluster failover enable Cluster failover disable Neighbor details Viewing V-Switch Neighbor DetailsNeighbor show Neighbor remove VSwitch2 212.199.43.75Managing a Cluster Neighbor set Fint Cluster setKai Sint LUN Carving Volume Configuration Physical Storage used in Examples Introduction to Volume Configuration Storage blink activate Identifying Available Storage DevicesStorage show Alias Entity Name Stor1 Disk2JBOD5 Saveforsnap shots Storage blink activate -s Stor1 -tStorage blink abort Storage set Seagate Storage details Trans1 Creating a Transparent VolumeVolume create transparent -vol Trans1 -d Disk1 Trans1 Transpar 1024 512 Volume showAlias Vol Type Subdisk1 Creating a Subdisk LUN CarvingSubdisk create 18000000 Subdisk details Subdisk create -d Disk1 -sl 18000000 -sa 0 -sd Subdisk1 Subdisk create -d Disk1 -sl Sa 18000000 -sd Subdisk2 DiskStart Address Simple1 Creating a Simple VolumeVolume create simple 17999999 512 Internal Volume create simple -vol Simple1 -sd Subdisk1Volume show Alias State Concat1 Creating a Concatenated VolumeVolume create concatenated Vol Nbc Concatenated Volume Sus Creating a Striped VolumeVolume create stripe Stripe1 Simple4 Simple8 Simple10 Simple2 Striped Volume 100 Creating a Mirrored VolumeVolume create mirror Mirrored1 Volume Configuration 101 Replicating Data in a Mirrored Volume Simple3 Volume mirror syncVolume mirror sync -src Simple3 -dst Simple5 Src Creating a RAID 10 and RAID 0+1 Volume Configuration 103 104 Volume create mirror -vol Mirror2 -ch Simple1 -ch Simple7Volume create mirror -vol Mirror3 -ch Simple3 -ch Simple9 Volume Configuration 105 Second Mirrored Volume of RAID 106 Striped Volume of RAID Volume Exposure and Security 107 Volume Exposure & Security 108 Introduction to Volume Exposure & Security Identities Volume Exposure and Security 109 110 Identity B’s iSCSI Initiators An identity can be used with more than one target Volume Exposure and Security 111 112 Access Rights per Identity-Target Pair Volume Exposure and Security 113 Authentication 114 Switch Creating an iSCSI Target 116 Iscsi target show Acl show Volume Exposure and Security 117Iscsi target details Musicbox Musicdept Read-write Target Position Identity Access FinanceNot accessible Read-write Pos Changing the Default IdentityAcl set Acc Creating an Identity Creating an Identity Volume Exposure and Security 121 Microsoft Adding Initiators to an IdentityAcl identity add name Iqn.1991-05 Adding an Initiator Volume Exposure and Security 123 124 Adding a Second Initiator Assigning Identity Credentials 126 Assigning Credentials Adding Another Set of Credentials Volume Exposure and Security 127 128 Acl identity details DataTurnsMeOn Volume Exposure and Security 129Ip radius add 212.199.43.2 Allow 130 AddressPort 212.199.43.21812 212.199.56.1341812 Volume Exposure and Security 131Ip radius show 132 Connecting an Identity and TargetAcl add Acl add -ta finance -id accounting -acc rw -pos Volume Exposure and Security 133 Vol1 Volume exposeExposing an iSCSI Target and LUN New Volume Exposure and Security 135 Volume expose -vol Vol1 -ta finance -lun 136 Lu show Advanced Volume Operations 137 Advanced Volume Operations Actual Capacity versus Potential Capacity Introduction to Advanced Volume ConfigurationsData Replication Off-line versus On-line Mirror versus Snapshot Src Dst Copying a Volume Off-line CopyVolume copy create Advanced Volume Operations 139 140 Synchronizing a Volume Adding a Child to a Mirror On-line Copy Advanced Volume Operations 141 142 Volume mirror addVol No sync Mirror5 Simple10 No parameter required Advanced Volume Operations 143 Volume mirror add -vol Mir4 -ch Sim6 144 Creating a Snapshot Advanced Volume Operations 145 St Write to Source and Update to 1st Snapshot 146 Volume create snapshotVol Src Advanced Volume Operations 147 Update to 1st Snapshot & 1st Write to Source 148 Advanced Volume Operations 149 Viewing Snapshot VolumesVolume snapshot show Snapshot Date & Time Utilization Snp1Mir1 12/12/02 20% Volume snapshot list -vol Mirror7Breaking a Mirror Mirror7 Removing a Child from a Mirror Advanced Volume Operations 151 152 Volume mirror breakVolume mirror break -vol Mir1 -ch Sim5 Mirror5 Simple10 Advanced Volume Operations 153 Resizing a Volume 154 Creating a Cube Advanced Volume Operations 155 Further Resizing on the Same Volume Ch2 Volume resizeVolume resize -vol Sim2 -a XSim2 -with Sim3 Vol With Mir5 Retracting a VolumeVolume retract Advanced Volume Operations 157 158 Expanding a Volume XSim2 Volume expandVolume expand -vol XSim2 Advanced Volume Operations 159 160 Expanding XSim2 Advanced Volume Operations 161 Routine Volume Maintenance 161 Routine Volume Maintenance Removing a Volume VolumesRenaming a Volume Routine Volume Maintenance 163 Volume remove -vol Stripe1 All Removing all Volumes in a HierarchyVolume remove -all Volume remove -all -vol Stripe1 Vol Nvol Replacing a VolumeVolume replace Routine Volume Maintenance 165 166 Synchronizing a VolumeMirror2 Mirror8 Changing iSCSI Target Parameters Targets and ExposureRemoving an LU Removing an iSNS Server Removing an iSCSI TargetRemoving a Radius Server 169 Snmp Manager 170 General Configuration Parameters Telnet Routine V-Switch Maintenance 171Telnet Port 172 Removing an Snmp Manager Setting an Snmp ManagerSnmp Manager 174 ISNS ServerUser Profiles Adding an iSNS Server Removing a User Profile Adding a User ProfileChanging a User Profile Saving Uploading a V-Switch Database File SwitchResetting a V-Switch Ft download Downloading a V-Switch Configuration FileRoutine V-Switch Maintenance 177 Network Interfaces Storage1 Changing an Interface AliasAdding an Interface IP Address Interface set Removing an Interface IP Address Ip config set -if eth1 -ipIp config remove-ip Routine V-Switch Maintenance 179 180 IP Routing 30.30.20.20 Eth2 Routine V-Switch Maintenance 181Disks and Subdisks Discovering Storage Devices Storage set -s Stor1 -na RAID1 -info Exposeas transparent Renaming a Storage DeviceExposeas Transparent Removing a Subdisk Removing a Storage DeviceRenaming a Subdisk Removing a Neighbor ClustersModifying Neighbor Parameters Kai Routine V-Switch Maintenance 185Modifying a Cluster 186 Switch 3000 Power Supply Ft update -ip 212.199.43.46 -fd sanrad/update/v20 Upgrading the V-Switch SoftwareFt update Sanrad/update System set -rep yes Switch 3000 Compact FlashSystem set Rep Cflash Type Routine V-Switch Maintenance 189System copy From 190 Safe ModeAutomatic Safe Mode Routine V-Switch Maintenance 191 Level 2 Reboot with Default Factory Database Exporting a Corrupted Database Manual Safe Mode Routine V-Switch Maintenance 193 Level O Normal Mode 194 Command Line Interface 195 Command Line Interface 196 Command Line Interface 197 Switch Configuration Init Admin showInit -n VSwitch1 -ip Admin show User Name Admin addAdmin remove Admin password 200 ResetInfo Device set 21/04/2002 Command Line Interface 201Device set -telnet Fc interface show Interface show Fc node showFc set speed Pscsi show Interface detailsInterface set AliasBusID Pscsi3 Pscsi4 Pscsi set busidSnmp manager show Snmp manager add 212.199.43.96 150 Command Line Interface 205Snmp manager set Snmp manager remove 206 Ip config showIp config set Ip config remove 10.10.20.20 255.255.255.0 30.30.20.20 Command Line Interface 207Ip route add Ip route show 10.12.40.40 255.255.255.0 20.22.11.11 Ip route removeIp isns show Ip isns add Neighbor set Command Line Interface 209Ip isns remove Neighbor add Cluster show Neighbor detailsNeighbor remove Cluster set Cluster failover enableCluster failover disable Last Keep Alive Dead Ints FailoverEnabled StateRunning Ft download Ft showFt upload software System set Ft export problemSystem boot 212.199.43.70 Backupdata 214 System copySystem show Command Line Interface 215 Volume Configuration Storage show Storage discoveryStorage blink activate Storage blink abort Storage alias Storage disk showStorage disk set 218 Storage detailsStorage set Stor7 Disk7 Replacedisk2 Subdisk show Command Line Interface 219Storage remove Subdisk create Subdisks details Subdisk detailsSubdisk alias Subdisk show Subdisk remove Volume showSubdisk set Volume details Volume create simple Volume aliasVolume hierarchy Mirror2 Volume create transparentVolume create mirror Volume create concatenated Volume set Volume create striped Volume replace Volume removeVolume remove -all Command Line Interface 227 Volume mirror showVolume mirror sync Volume mirror dummysync Volume copy abort Volume copy createVolume copy show Volume copy abort Vol Dst No sync Volume mirror addVolume mirror break Volume resize 230 Volume retractVolume expand Volume create snapshot Mirro2 Volume snapshot showVolume snapshot list Command Line Interface 231 232 Volume Exposure Iscsi portal remove Command Line Interface 233Iscsi portal show Iscsi portal create Billing.san rad Device Device Iscsi target createIscsi target alias Iscsi target set Acl show Iscsi target authenticationIscsi target remove Acl add Acl details Acl identity show Acl setAcl rem MedSchool All registered students Acl identity detailsAcl identity create Acl identity delete Acl identity add chap Acl identity add nameAcl identity remove name Acl identity remove srp Acl identity remove chapAcl identity add srp Acl down Acl identity setAcl up Key Ip radius showIp radius add Ip radius set Ip radius remove Volume expose -newVolume expose Iscsi Lu showLu details Music.sanrad Expose Lu remove Command Line Interface 245Lu remove Lu details 246 Sample Configurations 247 Sample Configurations 248 Sample Introduction Sample Configurations 249 Installing and Using the V-Switch 250 System Overview Sample Configurations 251 Init -n VSwitch1 252 Iscsi portal create -ip 172.17.200.174 -pProtocol Address Type Port IPv4 172.17.200.174 3260 Create Iscsi Target and LUN Sample Configurations 253 254 Microsoft iSCSI Initiator Sample Configurations 255 New disk should be configured as a basic disk only 256 Replacing a Mirrored Volume Replacing a Failed Disk Sample Configurations 257 258 Stor5 500708206059f880 Enabled EntireVolume create simple -vol Simple5 -d Stor5 Volume replace -vol Simple4 -nvol Simple5 Storage remove -s Stor4 Volume mirror synch -src Simple3 -dst Simple5Volume remove all -vol Simple4 Sample Configurations 259 260 Replicating Data Off-line Attach and View Storage Devices Sample Configurations 261 262 Source Destination Oper Admin Progress StatusSynch None Synch DataRep Sample Configurations 263 Configuring the V-Switch with a Single IP Routing Path LAN a 264 Insert IP 0.0 0 0.0 0 0.0 0 Sample Configurations 265 266 Iscsi portal create -ip 212.199.43.56 -p Sample Configurations 267 268 Sample Configurations 269 270 Sample Configurations 271 Configuring a Cluster 272 Cluster Topology Sample Configurations 273 274 Sample Configurations 275 276 Init -n VSwitch2Neighbor add -nb VSwitch1 -ip Iscsi portal create -ip 212.199.43.75 -p Sample Configurations 277 278 Sample Configurations 279 280 Sample Configurations 281 282 Sample Configurations 283 284 Nd Microsoft iSCSI Initiator Configuration for Host Station Index 285 Index 286 Chap Index 287 Dummy synchronize 288 Interval Index 289 Mirror 290 RS232 19, 46, 190 Index 291 SRP 292 Volume create Index 293