Understanding Chap Authentication; What Is Chap; Target Chap; Mutual Chap - Dell PowerVault MD3860i Series Deployment Manual


Understanding CHAP Authentication

What Is CHAP

Challenge Handshake Authentication Protocol (CHAP) is an optional iSCSI authentication method where
the storage array (target) authenticates iSCSI initiators on the host server. Two types of CHAP are
supported:

• Target CHAP
• Mutual CHAP

Target CHAP

In target CHAP, the storage array authenticates all requests for access issued by the iSCSI initiator(s) on
the host server using a CHAP secret. To set up target CHAP authentication, you must enter a CHAP secret
on the storage array, then configure each iSCSI initiator on the host server to send that secret each time it
attempts to access the storage array.

Mutual CHAP

In addition to setting up target CHAP, you can set up mutual CHAP in which both the storage array and
the iSCSI initiator authenticate each other. To set up mutual CHAP, configure the iSCSI initiator with a
CHAP secret that the storage array must send to the host server in order to establish a connection. In this
two-way authentication process, both the host server and the storage array send information that the
other must validate before a connection is allowed.

CHAP is an optional feature and is not required to use iSCSI. However, if you do not configure CHAP
authentication, any host server connected to the same IP network as the storage array can read from and
write to the storage array.

NOTE: When using CHAP authentication, you should configure it on both the storage array (using
MD Storage Manager) and the host server (using the iSCSI initiator) before preparing virtual disks to
receive data. If you prepare disks to receive data before you configure CHAP authentication, you
lose visibility to the disks once CHAP is configured.
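
Added example (not from the Dell manual or MD Storage Manager): a simulation of the CHAP-with-MD5 computation from RFC 1994, which iSCSI's CHAP login uses, run in both directions. It shows that only challenges and digests cross the network and that a mismatched secret on either side blocks the connection. The secrets, identifiers and function names are constructed for illustration; CHAP user names and login PDU framing are omitted.

```python
import hashlib
import hmac
import os

def chap_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994, CHAP with MD5: MD5(identifier || secret || challenge)
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def chap_login(array_cfg: dict, host_cfg: dict):
    """Simulate one login. Returns (result, wire); wire holds every value
    that crossed the network, so it can be checked for leaked secrets."""
    wire = []
    # Target CHAP: the array challenges the initiator.
    t_id, t_chal = 1, os.urandom(16)
    wire += [bytes([t_id]), t_chal]
    t_resp = chap_response(t_id, host_cfg["target_secret"], t_chal)
    wire.append(t_resp)
    mutual = host_cfg.get("mutual_secret") is not None
    if mutual:
        # Mutual CHAP: the initiator adds its own challenge for the array.
        i_id, i_chal = 2, os.urandom(16)
        wire += [bytes([i_id]), i_chal]
    expected = chap_response(t_id, array_cfg["target_secret"], t_chal)
    if not hmac.compare_digest(expected, t_resp):
        return "initiator rejected by array", wire
    if not mutual:
        return "connected (target CHAP)", wire
    # An array with no mutual secret configured cannot answer the challenge.
    a_secret = array_cfg.get("mutual_secret")
    if a_secret is None:
        return "array rejected by initiator", wire
    a_resp = chap_response(i_id, a_secret, i_chal)
    wire.append(a_resp)
    expected = chap_response(i_id, host_cfg["mutual_secret"], i_chal)
    if not hmac.compare_digest(expected, a_resp):
        return "array rejected by initiator", wire
    return "connected (mutual CHAP)", wire

# Constructed secrets, for illustration only.
T_SECRET = b"constructed-target-secret"
M_SECRET = b"constructed-mutual-secret"

if __name__ == "__main__":
    array = {"target_secret": T_SECRET, "mutual_secret": M_SECRET}
    host = {"target_secret": T_SECRET, "mutual_secret": M_SECRET}
    print(chap_login(array, {"target_secret": T_SECRET})[0])
    print(chap_login(array, {"target_secret": b"wrong-secret"})[0])
    print(chap_login(array, host)[0])
    print(chap_login({"target_secret": T_SECRET}, host)[0])
```
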

CHAP Definitions

To summarize the differences between target CHAP and mutual CHAP authentication, see the following
table.
| CHAP Type   | Description |
|-------------|-------------|
| Target CHAP | Sets up accounts that iSCSI initiators use to connect to the target storage array. The target storage array then authenticates the iSCSI initiator. |
| Mutual CHAP | Applied in addition to target CHAP, mutual CHAP sets up an account that a target storage array uses to connect to an iSCSI initiator. The iSCSI initiator then authenticates the target. |