Q-Logic 59022-11 A 4-13 Manuel D’Utilisation
3 – Managing Fabrics
Securing a Fabric
59022-11 A
3-15
0
The conventions for MS security group members are listed below:
You can enter member world-wide name (WWN), which must be 16 hex
characters, or 23 characters with valid WWN format xx:xx:xx:xx:xx:xx:xx:xx.
characters, or 23 characters with valid WWN format xx:xx:xx:xx:xx:xx:xx:xx.
The CT (common transport) authentication choices are None, MD5, and
SHA-1.
SHA-1.
The Secret field is disabled if authentication is set to None, otherwise the
Secret field enabled.
Secret field enabled.
The Generate button is only enabled when authentication is Chap.
Secret is 16 byte length for MD5 authentication, and 20 bytes if
authentication is SHA-1.
authentication is SHA-1.
3.2.4.6
Creating a Security Group Member
To add a member to a security group, do the following:
1.
On the faceplate display, click the Security button on the toolbar, or open
the Security menu and select Edit Security to open the Edit Security dialog.
the Security menu and select Edit Security to open the Edit Security dialog.
2.
Choose one of the following methods to open the Create a Security Group
Member dialog:
Member dialog:
In the graphic window, click a security group and click the Security
Member button in the toolbar.
Member button in the toolbar.
Right-click on a security group and select Create Members from the
popup menu.
popup menu.
3.
Open the Group Member pull-down menu and select a Node World-Wide
Name. The switch must be a member of any group in which authentication is
used. You can also type in a hex value.
Name. The switch must be a member of any group in which authentication is
used. You can also type in a hex value.
4.
Open the Authentication pull-down menu, and select a type of protocol to be
used for the authentication process for that member.
used for the authentication process for that member.
ISL authentication options are None (0 bytes), Chap (16 bytes)
MS (CT - Common Transport) authentication options are None (0
bytes), MD5 (16 bytes), SHA (20 bytes)
bytes), MD5 (16 bytes), SHA (20 bytes)
Port authentication options are None (0 bytes), Chap (16 bytes)
5.
In the Secret area, enter an authentication "password" to be assigned that
member. Or, you can click the Generate Secret button to randomly
generate a secret.
member. Or, you can click the Generate Secret button to randomly
generate a secret.
6.
In the Binding field (ISL groups only), enter the domain ID (1-239) for the
switch for the ISL group member. The WWN of the switch must be at the
entered domain ID when attempting to enter the fabric, otherwise it will
become isolated.
switch for the ISL group member. The WWN of the switch must be at the
entered domain ID when attempting to enter the fabric, otherwise it will
become isolated.
7.
Click the OK button to save the changes.