Brocade Fabric OS Administrator's Guide Supporting Fabric OS v6.3.0 (53-1001336-02, November 2009)

ManualsBrandsHP ManualsStorageBrocade 8/24c SAN Switch for BladeSystem c-Class

171

172

173

174

175

176

177

178

179

180

Fabric OS Administrator’s Guide 137

53-1001336-02

Authentication policy for fabric elements

Warning: Activating the authentication policy requires

DH-CHAP secrets on both switch and device. Otherwise,

the F-port will be disabled during next F-port

bring-up.

ARE YOU SURE (yes, y, no, n): [no] y

Device authentication is set to PASSIVE

AUTH policy restrictions

All fabric element authentication configurations are performed on a local switch basis.

Device authentication policy supports devices that are connected to the switch in point-to-point

manner and is visible to the entire fabric. The following are not supported:

• Public loop devices

• Single private devices

• Private loop devices

• Mixed public and private devices in loop

• NPIV devices

• FICON channels

• Configupload and download will not be supported for the following AUTH attributes: auth type,

hash type, group type.

Supported HBAs

The following HBAs support authentication:

• Emulex LP11000 (Tested with Storport Miniport v2.0 windows driver)

• Qlogic QLA2300 (Tested with Solaris v5.04 driver)

• Brocade Fibre Channel HBA models 415, 425, 815 and 825

Authentication protocols

Use the authUtil command to perform the following tasks:

• Display the current authentication parameters.

• Select the authentication protocol used between switches.

• Select the DH (Diffie-Hellman) group for a switch.

Run the authUtil command on the switch you want to view or change. Below are the different

options to specify which DH group you want to use.

• 00 – DH Null option

• 01 – 1024 bit key

• 02 – 1280 bit key

• 03 - 1536 bit key

• 04 – 2048 bit key