Dhchap Aaa Authentication - Cisco DS-X9530-SF1-K9 - Supervisor-1 Module - Control Processor Configuration Manual

Mds 9000 family
Table of Contents

Advertisement

DHCHAP AAA Authentication

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
Example 31-4 Displays Hash Algorithm and DHCHAP Groups Configured for the Local Switch
switch# show fcsp dhchap
Supported Hash algorithms (in order of preference):
DHCHAP_HASH_MD5
DHCHAP_HASH_SHA_1
Supported Diffie Hellman group ids (in order of preference):
DHCHAP_GROUP_NULL
DHCHAP_GROUP_1536
DHCHAP_GROUP_1024
DHCHAP_GROUP_1280
DHCHAP_GROUP_2048
Example 31-5 Displays the DHCHAP Local Password Database
switch# show fcsp dhchap database
DHCHAP Local Password:
Other Devices' Passwords:
Example 31-6 Displays the ASCII Representation of the Device WWN
switch# show fcsp asciiwwn 30:11:bb:cc:dd:33:11:22
Ascii representation of WWN to be used with AAA servers:Ox_3011bbccdd331122
Use the ASCII representation of the device WWN (identified in bold in
Tip
switch information on RADIUS and TACACS+ servers.
DHCHAP AAA Authentication
You can individually set authentication options. If authentication is not configured, local authentication
is used by default.
To configure the AAA authentication, follow these steps:
Command
Step 1
switch# config t
Step 2
switch(config)# aaa authentication dhchap
default group TacacsServer1
switch(config)# aaa authentication dhchap
default local
switch(config)# aaa authentication dhchap
default group RadiusServer1
Cisco MDS 9000 Family Configuration Guide
31-10
Non-device specific password:mypassword1
Password for device with WWN:29:11:bb:cc:dd:33:11:22 is pjoalf
Password for device with WWN:30:11:bb:cc:dd:33:11:22 is mypassword
Password for device with WWN:00:11:22:33:44:aa:bb:cc is NewPassword
Chapter 31
Example
Purpose
Enters configuration mode.
Enables DHCHAP to use the TACACS+ server group
(in this example, TacacsServer1) for authentication.
Enables DHCHAP for local authentication.
Enables DHCHAP to use the RADIUS server group
(in this example, RadiusServer1) for authentication.
OL-6973-03, Cisco MDS SAN-OS Release 2.x
Configuring FC-SP and DHCHAP
31-6) to configure the

Advertisement

Table of Contents
loading

Table of Contents