Setting the authentication policy parameters – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

226

Network OS NETCONF Operations Guide

53-1003231-02

Device authentication configuration

17

10:00:00:05:1e:7a:c3:00

xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1402">

Shared secret successfully removed.

Setting the authentication policy parameters

To set the authentication policy parameters, perform the following steps.

1. Issue the RPC to configure the node in the

urn:brocade.com:mgmt:brocade-fc-auth namespace.

2. Under the node, include the node element.

3. Under the node, include the node element.

4. Under the node, include the following leaf node elements to configure the

protocol-specific configuration parameters.

a. In the element, specify “dh-chap” (the only option).

b. In the element, specify a DH-group value in the range 0 through 4 or “*”.

c. In the element, specify “md5”, “sha1”, or “all” to identify the hash type.

5. Under the node, include the node element.

6. Under the node, include the leaf element and specify the switch policy state

as on, off, active, or passive.

7. Issue the RPC with a subtree filter to return the contents of the /

node in the urn:brocade.com:mgmt:brocade-fc-auth namespace.

The following example configures an authentication policy auth-type DH-CHAP, a DH group of 2, and
a hash type of md5. The switch policy is set to “off” until you are ready to explicitly activate the
policy.