Support User Manuals

Intel SSR212PP Network Card User Manual

Open as PDF

of 196

Intel Storage System SSR212PP User Guide 47

PRELIMINARY

iSCSI CHAP Authentication Worksheets

If the storage system is on a private LAN, you can elect not to configure CHAP

authentication. If the storage system is on a public LAN, we strongly recommend that you

set CHAP security. If you do not set CHAP security for the storage system, any host

connected to the LAN can read from and write to the storage system.

CAUTION

Whenever you record any security information such as the CHAP usernames and

secrets (passwords), it is imperative that you store the data in a secure location.

Storage System CHAP Levels

To set up a basic CHAP level, you can add one or more usernames and corresponding

secrets. Any initiator configured with one of these usernames/secrets can establish a

connection.

To set up an

advanced CHAP level, you can configure both initiator CHAP and mutual

CHAP. You can create initiator CHAP so that all initiators can use each username/secret

(as in basic CHAP). You can also use the iSCSI node name (IQN) to create

usernames/secrets that are restricted for use by a single initiator. Optionally, you can

configure mutual CHAP with a single target CHAP username/secret.

Initiator CHAP Worksheet

If you want the storage system to authenticate initiators, fill out the Initiator CHAP

Worksheet for all initiator accounts. Initiator CHAP must be set up and enabled for iSCSI

security to work. The easiest way to configure initiator CHAP is to create a friendly

username and secret for all initiators.

Initiator name: ___________________________________________________________

Use initiator name as system CHAP username: Yes___ No___

Allow any initiator to log In with this username and secret: Yes___ No___

CHAP username: _________________________________________________________

CHAP secret: ________________________________ Speciﬁed in hex: Yes___ No___

Initiator name: ___________________________________________________________

Use initiator name as system CHAP username: Yes___ No___

Allow any initiator to log In with this username and secret: Yes___ No___

CHAP username: _________________________________________________________

CHAP secret: ________________________________ Speciﬁed in hex: Yes___ No___

Initiator name: ___________________________________________________________

Use initiator name as system CHAP username: Yes___ No___

Allow any initiator to log In with this username and secret: Yes___ No___

CHAP username: _________________________________________________________

CHAP secret: ________________________________ Speciﬁed in hex: Yes___ No___

previous next