HP StorageWorks 2.140 Director Switch User Manual

Director Element Manager user guide 109

The default selection is Local Only. Local Only causes the switch to only check its local database

to verify if the switch on the other end is allowed to communicate when authentication happens.

5.

If the initial state of a fabric is not configured to enable device authentication, the Enable N_port

authentication check box is disabled. To enable, click the Enable N-port Authentication check

box.

6.

Click the list to the right of the check box and select Local Only, Radius then Local, or Radius

Only.
The default selection is Local Only. Local Only causes the switch to only check its local database

to verify if the switch on the other end is allowed to communicate when authentication happens.

7.

Check the Port Authentication List. Each table column can be sorted and the column position can

adjusted. All the ports are sorted by port number and display in that order.

8.

Select a port on the switch to override the authentication settings for that port. Port settings

include the following:
• If a port is configured to be Force Enabled, the port participates in authenticating the other

end of the link regardless of the authentication state set at the switch level.

• If a port is configured to be Force Disabled, that port does not participate in authentication at

any time.

• If a port is specified as Switch default, this port abides by all authentication settings

configured for this switch. All ports are set to this state at product initialization time.

The HAFM appliance displays all the switches, directors, and end nodes connected to the

highlighted switch in the Devices tab. This tracks the security settings on each switch port and the

state of connected devices. This list can include:

•

Non-SANtegrity II compatible switches

•

Non-manageable switches

•

Non-HP switches

•

JBOD

•

HBA

•

Other storage devices

When your HAFM appliance is installed with SANtegrity and you discover a secure or unsecure

fabric, the E_port authentication is disabled, and the drop-down menus for port authentication

display your HAFM appliance. If a device is SANtegrity capable, your HAFM appliance can

discover its current security settings and display them on the table. If not, your HAFM appliance

displays only a limited information about that device.
The Authenticated Devices list displays a list of authenticated devices that are in the current switch

local database. In this database, there are connected or detached devices. Devices listed in this

table must have a CHAP secret.
Add an attached or detached device from the left Port Authentication List table by selecting a device

and clicking the right arrow button, double-clicking the device, or clicking Add. Change the CHAP

secret of a device by selecting the device and clicking Edit. To remove devices from this list, select a

device or multiple devices, and click Remove.