beautypg.com

HP StorageWorks IP Storage Router User Manual

Page 130

background image

Configuring SCSI Routing

130

IP Storage Router SR2122-2 User Guide

An access list can contain one or more types of identification entries. If an
identification entry type exists in the access list, the IP host attempting to access
the associated storage target must have a matching entry defined in the access list.
For example, if an access list contains both IP address and iSCSI name
identification entry types, then every IP host that requires access to the associated
set of storage resources must have a matching IP address and iSCSI name entry in
the access list.

An access list is necessary if you want to specify access to iSCSI targets on a
per-IP host basis. An access list is not necessary if you want to specify that all IP
hosts have access to the iSCSI targets configured in a SCSI routing instance.

Note:

If there is a CHAP user name entry in the access list, the SCSI routing instance

used to access the storage target must also have iSCSI authentication enabled. See

Chapter 10, “Configuring Authentication”

for additional information about AAA and

iSCSI authentication.

Use the following procedure to create an access list. In this procedure, the access
list is called

aegis and the IP host identifiers include three IP addresses

(

10.2.0.23, 10.3.0.36, and 10.4.0.49) and a CHAP-username

(

12h7b.lab2.webservices):

1. enable — Enter Administration mode.

2. accesslist aegis

— Create an access list by naming it aegis. There is

a 31 character limit.

3. accesslist aegis description “Access to zeus SCSI

routing service”

— Add a string as a description for the access list.

Enclose the string using single or double quotes. (Optional)

4.

accesslist aegis 10.2.0.23/32 10.3.0.36/32 10.4.0.49/32

Add IP addresses of IP hosts to the access list. Separate multiple IP addresses
with a space. To limit the access to each IP address, set the subnet mask to

255.255.255.255. In this example, the subnet mask was set using CIDR
style

/32.

5. accesslist aegis CHAP-username

12h7b.lab2.webservices

— Add CHAP-usernames in the access list.

To limit the access to each CHAP-username. The password it supplies must
be successfully validated using the AAA method configured.

This manual is related to the following products:
See also other documents in the category HP Storage: