User`s guide
Table Of Contents
- Table of Contents
- 1 Introduction
- 2 General Description
- 3 Planning
- 4 Installation
- Site Requirements
- SANbox 6142 Router Installation
- Pre-installation Check List
- Mount the Router
- Install the Transceivers
- Connect the Management Workstation to the Router
- Configure the Management Workstation
- Install SANsurfer iSCSI/FC Router Manager
- Start SANsurfer iSCSI/FC Router Manager
- Connect the Router to AC Power
- Configure the Router
- Cable Devices to the Router
- Firmware Installation
- 5 Diagnostics and Troubleshooting
- 6 Removal/Replacement
- 7 SANsurfer iSCSI/FC Router Manager
- Introduction
- Menu Bar
- Tool Bar
- System Tree Window
- Wizards
- Configuration Wizard
- Add Initiator Wizard
- FW Update Wizard
- Map Local Initiator/Target Wizard
- Unmap Local Initiator/Target Wizard
- Add Remote Router Wizard
- Remove Remote Router Wizard
- Map Remote Initiator/Target Wizard
- Unmap Remote Initiator/Target Wizard
- Discover iSCSI Target Wizard
- FCIP Route Add Wizard
- FCIP Route Remove Wizard
- A Command Reference
- Logging On to a SAN Router
- Guest Account
- Working with SAN Router Configurations
- Commands
- Admin Command
- Beacon Command
- Clear Command
- Date Command
- FcipRoute Command
- FRU Command
- Help Command
- History
- Image Command
- Initiator Command
- Localmap Command
- Logout Command
- Password Command
- Ping Command
- Quit Command
- Reboot Command
- Remote Map Command
- Remote Peer Command
- Reset Factory Command
- Save Command
- Set Command
- Set CHAP Command
- Set FC Command
- Set Features Command
- Set iSCSI Command
- Set iSNS Command
- Set Mgmt Command
- Set NTP Command
- Set Properties Command
- Set SNMP Command
- Set System Command
- Show Command
- Show CHAP Command
- Show FC Command
- Show FcipRoutes Command
- Show Features Command
- Show Initiators Command
- Show iSCSI Command
- Show iSNS Command
- Show Localmaps Command
- Show Logs Command
- Show Memory Command
- Show Mgmt Command
- Show NTP Command
- Show Performance Command
- Show Presented Initiators Command
- Show Presented Targets Command
- Show Properties Command
- Show Remotemaps Command
- Show Remotepeers Command
- Show SNMP Command
- Show Stats Command
- Show System Command
- Show Targets Command
- Show VLAN Command
- Shutdown Command
- Target Command
- Traceroute Command
- B Log Messages
- C Configuring CHAP
- D Simple Network Management Protocol (SNMP)
- Index
FI0054601-00 C C-1
C Configuring CHAP
CHAP Definition
In challenge handshake authentication protocol (CHAP), the authentication agent
sends the client program a random value that is used only once and an ID value.
Both the sender and peer share a predefined secret. The peer concatenates the
random value, the ID, and the secret, and calculates a one-way hash using MD5
(Message-Digest algorithm 5). It sends the hash value to the authenticator, which
in turn builds that same string on its side, calculates the MD5 checksum, and
compares the result with the value received from the peer. If the values match, the
peer is authenticated.
By transmitting only the hash, the secret cannot be reverse-engineered. The ID
value is increased with each CHAP dialogue to protect against replay attacks.
Configuring CHAP Using CLI
The following sections describe the procedure for configuring CHAP from the
command line interface (CLI).
CLI—Discovery Session—Bi-directional CHAP
To configure a bi-directional CHAP used during a discovery session:
1. On the router:
a. Enable CHAP on the port.
b. Create a secret (for example, secret_port).
c. Using Set Chap, choose the iSCSI node that represented the GE port.
d. Use Show Iscsi to find the iSCSI node name of the GE port.
2. Use Initiator add to add the initiator that is about to do discovery:
a. Enable the CHAP for this initiator.
b. Create a secret (for example, secret_initiator).
c. Use Set Chap to update the CHAP settings of the initiator.
3. Go to the Microsoft iSCSI (MS) Initiator and perform the following steps: