Fabric OS Encryption Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP ISL Trunking Kit

171

172

173

174

175

176

177

178

179

180

Fabric OS Encryption Administrator’s Guide 151

53-1002159-03

CryptoTarget container configuration

cfg: itcfg itzone

cfg: r_e_d_i_r_c__fg

red_1109_brcd200c00062b0f726d200200051e414e1d; red_______base

zone: itzone 10:00:00:00:c9:2b:c9:3a; 20:0c:00:06:2b:0f:72:6d

zone: red_1109_brcd200c00062b0f726d200200051e414e1d

10:00:00:00:c9:2b:c9:3a; 20:0c:00:06:2b:0f:72:6d;

20:02:00:05:1e:41:4e:1d; 20:00:00:05:1e:41:4e:1d

zone: red_______base

00:00:00:00:00:00:00:01; 00:00:00:00:00:00:00:02;

00:00:00:00:00:00:00:03; 00:00:00:00:00:00:00:04

Effective configuration:

cfg: itcfg

zone: itzone 10:00:00:00:c9:2b:c9:3a

20:0c:00:06:2b:0f:72:6d

NOTE

You may view the frame redirection zone with the cfgshow command, but you cannot use the zone

for any other applications that use frame redirection. Do not perform any further operations with this

zone, such as deleting the zone or adding the zone to a different configuration. Such operations may

result in disruptive behavior, including data corruption on the LUN.

Removing an initiator from a CryptoTarget container

You may remove one or more initiators from a given CryptoTarget container. This operation

removes the initiators’ access to the target port.

If the initiator has access to multiple targets and you wish to remove access to all targets, follow the

procedure described to remove the initiator from every CryptoTarget container that is configured

with this initiator.

NOTE

Stop all traffic between the initiator you intend to remove and its respective target ports. Failure to

do so results in I/O failure between the initiator and the target port.

1. Log in to the group leader as Admin or FabricAdmin.

2. Enter the cryptocfg

--remove -initiator command. Specify the CryptoTarget container name

followed by one or more initiator port WWNs. The following example removes one initiator from

the CryptoTarget container “my_disk_tgt”.

FabricAdmin:switch>cryptocfg --rem -initiator my_disk_tgt

10:00:00:00:c9:2b:c9:3a

Operation Succeeded

3. Commit the transaction.

FabricAdmin:switch>cryptocfg --commit

Operation Succeeded

CAUTION

When configuring a multi-path LUN, you must remove all initiators from all CryptoTarget

containers in sequence before committing the transaction. Failure to do so may result in a

potentially catastrophic situation where one path ends up being exposed through the encryption