Manualshelf

Hardware manual

ManualsBrandsDell ManualsComputer equipment6 series
81828384858687888990
Group Administration iSCSI target security
8–6
Deleting an iSNS server
To delete the IP address for an iSNS server, select the address in the iSCSI Discovery panel in the Group iSCSI
window and click
delete. Then, click Save all changes (Control+S).
Preventing the discovery of unauthorized targets
By default, iSCSI initiators that use discovery try to log in to group targets protected by CHAP, even if they do not
have the correct access credentials. This can result in a large number of events logged in the group and is an
inefficient use of resources.
You can prevent computers from discovering unauthorized targ
ets by enabling the iSCSI discovery filter. If you
enable the iSCSI discovery filter, initiators only discover targets for which they have the correct access credentials.
Enable the iSCSI discovery filter
1. Click Group, then Group Configuration, and then the iSCSI tab.
2. In the iSCSI Discovery panel, under iSNS discovery filter, select
Prevent unauthorized hosts from
discovering targets
.
3. Click
Save all changes (Control+S).
Disable the iSCSI discovery filter
1. Click Group, then Group Configuration, and then the iSCSI tab.
2. In the iSCSI Discovery panel, under iSNS discovery filter, deselect
Prevent unauthorized hosts from
discovering targets
.
3. Click Save all changes (Control+S).
Multi-host access to targets
In a shared storage environment, you must control computer access to iSCSI targets (volumes and snapshots),
because multiple computers writing to a target in an uncoordinated manner might result in volume corruption.
When an initiator tries to log in to a target, the group uses access control records to determine if
access should be
authorized. However, access control records do not prevent multiple initiators, either on the same computer or
different computers, from accessing the same target.
Therefore, by default, the group disabl
es multi-host (shared) access to a target. Therefore, only one iSCSI qualified
name (IQN) can connect to a target at one time.
Restriction: If all gr
oup members are not running PS Series Firmware Version 4.0 or higher, the
group allows multi-host access to targets.
If you disable multi-host access to a volume, when an initiator tries to
log in to the volume:
If there is no iSCSI initiator connection to the volume, the
group uses access control records to determine
whether to authorize access.