3 – Planning
Security
3-24 59265-02 A
S
For CHAP authentication, create 32-character hexadecimal or
16-character ASCI secrets. The switch secret must be shared
with the HBA security database.
b. Create an ISL group (Group_ISL_1) in Security_Set_1 with Switch_1
and Switch_2 as members. The Switch_1 secret must be shared with
the Switch_2 security database.
3. Configure security on HBA_1 using the appropriate management tool.
Logins between the Switch_1 and HBA_1 will be challenged (CHAP) for
their respective secrets. Therefore, the secrets for Switch_1 and HBA_1 that
you configured on Switch_1 must also be configured on HBA_1.
4. Save and activate Security_Set_1 on Switch_1.
5. Create a security set (Security_Set_2) on Switch_2. Create an ISL group
(Group_ISL_2) in Security_Set_2 with Switch_1 and Switch_2 as members.
6. Save and activate Security_Set_2 on Switch_2.
Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: CHAP
Primary Hash: MD5
Primary Secret: 0123456789abcdef
Binding: None
Switch_2 Node WWN: 10:00:00:c0:dd:07:e3:4e
Authentication: CHAP
Primary Hash: MD5
Primary Secret: abcdefabcdef012
Binding: None
Switch_2 Node WWN: 10:00:00:c0:dd:07:e3:4e
Authentication: CHAP
Primary Hash: MD5
Primary Secret: abcdefabcdef0123
Binding: None
Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: CHAP
Primary Hash: MD5
Primary Secret: 0123456789abcdef
Binding: None