beautypg.com

Figure 40 add device (edit secret) dialog box, 40 add device (edit secret) dialog box – HP StorageWorks 2.140 Director Switch User Manual

Page 108

background image

Configuring the director

108

switch can store more IDs and CHAP secrets if the switch has multiple connections with other

switches only. You can also store IDs and CHAP secrets of switches that have no physical

connections with this switch. This is not recommended because accessing one switch provides

access to all switches’ CHAP secrets.
If you choose to have two connected switches authenticate each other through Radius server only,

all product IDs and CHAP secrets are stored on the Radius server and the product local database is

not required to carry the same data. In this case, the HAFM appliance does not communicate with

Radius server effectively. The Radius Only authentication method can cause more errors and

performance problems.
When the Radius Only option is selected, the HAFM appliance ensures that only the CHAP secret

for the switch is defined and stored in the local database. If not, a message is displayed indicating

you must type or generate a secret for the current switch before you enable E_port authentication.
If the CHAP secret is defined for the current switch, when clicking Apply, a message is displayed

indicating you have set E/N_port Authentication Method to Radius Only. If you have not properly

defined the secrets for all participating devices on the Radius Server, E/N_port authentication fails

and your fabric connectivity is broken.

Understanding the Devices tab display and default settings

When you access the Devices tab, do the following:

1.

Ensure that the Node Name is already discovered and displayed in a uneditable text field.

2.

Define the CHAP secret for the selected switch using the following steps:
a. Click Edit Secret. The Add Device dialog box is displayed (

Figure 40

).

Figure 40

Add Device (Edit Secret) dialog box

b. Click Generate to automatically have a CHAP Secret generated and placed in the CHAP

Secret and Retype Secret fields.
Or
Type the secret in the CHAP Secret field and retype the same CHAP secret in the Retype

Secret field.

c. Click OK.

3.

If the initial state of a fabric is not configured to enable device authentication, the Enable E_port

authentication check box is disabled. To enable, click the Enable E-port Authentication check

box.

4.

Click the list to the right of the check box and select Local Only, Radius then Local, or Radius

Only.

This manual is related to the following products:
See also other documents in the category HP Storage: