Using Radius - Cisco MDS 9000 Series Troubleshooting Manual

Chapter 1 Troubleshooting Overview
S e n d c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
•
•
•
•
You can use SNMPv3 to assign different SNMP capabilities to specific roles.
Cisco MDS 9000 Family switches also support Remote Monitoring (RMON) for Fibre Channel. RMON
provides a standard method to monitor the basic operations of network protocols providing connectivity
between SNMP management stations and monitoring agents. RMON also provides a powerful alarm and
event mechanism for setting thresholds and sending notifications based on changes in network behavior.
The RMON groups that have been adapted for use with Fibre Channel include the AlarmGroup and
EventGroup. The AlarmGroup provides services to set alarms. Alarms can be set on one or multiple
parameters within a device. For example, you can set an RMON alarm for a specific level of CPU
utilization or crossbar utilization on a switch. The EventGroup lets you configure events that are actions
to be taken based on an alarm condition. The types of events that are supported include logging, SNMP
traps, and log-and-trap.
Note To configure events within an RMON group, use the Events > Threshold Manager option from Device
Manager.

Using RADIUS

RADIUS is fully supported for the Cisco MDS 9000 Family switches through the Fabric Manager and
the CLI. RADIUS is a protocol used for the exchange of attributes or credentials between a head-end
RADIUS server and a client device. These attributes relate to three classes of services:
•
•
•
Authentication refers to the authentication of users for access to a specific device. You can use RADIUS
to manage user accounts for access to Cisco MDS 9000 Family switches. When you try to log into a
switch, the switch validates you with information from a central RADIUS server.
OL-5183-02, Cisco MDS SAN-OS Release 1.3
IETF IP Transport-oriented MIBs (for example, RFC2013 UDP-MIB) These MIBs are used to
report transport-oriented statistics on such protocols as IP, TCP, and UDP. These transports are used
in the management of the Cisco MDS 9000 Family through the OOB Ethernet interface on the
Supervisor module.
Cisco-Proprietary Storage and Storage Network MIBs (for example, NAME-SERVER-MIB) These
MIBs were written by Cisco to help expose information that is discovered within a fabric to
management applications not connected to the fabric itself. In addition to exposing configuration
details for features like zoning and Virtual SANs (VSANs) via MIBs, discovered information from
sources like the FC-GS-3 Name Server can be pulled via a MIB. Additionally, MIBs are provided
to configure/enable features within the Cisco MDS 9000 Family. There are over 20 new MIBs
provided by Cisco for this information and configuration capability.
IETF IP Storage Working Group MIBs (for example, ISCSI-MIB) While many of these MIBs are
still work-in-progress, Cisco is helping to draft such MIBs for protocols such as iSCSI and Fibre
Channel-over-IP (FCIP) to be standardized within the IETF.
Miscellaneous MIBs (for example, SNMP-FRAMEWORK-MIB) There are several other MIBs
provided in the Cisco MDS 9000 Family switches for tasks such as defining the SNMP framework
or creating SNMP partitioned views.
Authentication
Authorization
Accounting
Using Cisco MDS 9000 Family Tools
Cisco MDS 9000 Family Troubleshooting Guide
1-15