Dhchap - HP Cisco MDS 9216 - Fabric Switch Configuration Manual

DHCHAP

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Figure 45-1
Unauthorized
hosts and switches
DHCHAP
DHCHAP is an authentication protocol that authenticates the devices connecting to a switch. Fibre
Channel authentication allows only trusted devices to be added to a fabric, thus preventing unauthorized
devices from accessing the switch.
Note The terms FC-SP and DHCHAP are used interchangeably in this chapter.
DHCHAP is a mandatory password-based, key-exchange authentication protocol that supports both
switch-to-switch and host-to-switch authentication. DHCHAP negotiates hash algorithms and DH
groups before performing authentication. It supports MD5 and SHA-1 algorithm-based authentication.
Configuring the DHCHAP feature requires the ENTERPRISE_PKG license (see
and Installing
To configure DHCHAP authentication using the local password database, follow these steps:
Step 1 Enable DHCHAP.
Step 2 Identify and configure the DHCHAP authentication modes.
Cisco MDS 9000 Family CLI Configuration Guide
45-2
Switch and Host Authentication
RADIUS server
FC-SP
(DH-CHAP)
Licenses").
Chapter 45
Trusted hosts
FC-SP
(DH-CHAP)
Storage
Subsytems
OL-16184-01, Cisco MDS SAN-OS Release 3.x
Configuring FC-SP and DHCHAP
Chapter 10, "Obtaining