Table of Contents
Advertisement
0
1.
Configure the Radius_1 host as a RADIUS server on Switch_1 and
Switch_2 to authenticate device logins. Specify the server IP address and
the secret with which the switches will authenticate with the server.
Configure the switches so that devices authenticate through the switches
only if the RADIUS server is unavailable.
Device Authentication
Order
Total Servers
Device Authentication
Server
Server IP Address
Secret
2.
Configure security on Switch_1. Create a security set (Security_Set_1) on
Switch_1.
a.
59042-08 A
Radius_1 Configuration on Switch_1 and Switch_2
RadiusLocal – Authenticate devices using the
RADIUS server security database first. If the RADIUS
server is unavailable, then use the local switch
security database.
1 – Enables support for one RADIUS server
True – Enables Radius_1 to authenticate device
logins.
10.20.30.40
1234567890123456 – 16-character ASCI string (MD5
hash)
Create a port group (Group_Port_1) in Security_Set_1 with Switch_1
and HBA_1 as members. The JBOD is a loop device, and is therefore,
excluded from the port group.
Port Group on Switch_1: Group_Port_1
Switch_1
Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: CHAP
Primary Hash: MD5
Primary Secret: 0123456789abcdef
HBA_1
Node WWN: 10:00:00:c0:dd:07:c3:4d
Authentication: CHAP
Primary Hash: MD5
Primary Secret: fedcba9876543210
3 – Planning
Fabric Security
3-19
Advertisement
Table of Contents
