Manualshelf

HP-UX iSCSI Software Initiator Support Guide (Edition 7)

ManualsBrandsHP ManualsSoftwareHP-UX iSCSI (SCSI Over TCP/IP) Software
21222324252627282930
or
# iscsiutil -u -W 0xed345ba678dfffe54e35666fa2c3c3
To configure the CHAP secret for a specific Discovery Target Address:
# iscsiutil -u -W mychapsecret -I 192.1.1.34 -M 1
To configure the CHAP secret for a particular Operational Target:
# iscsiutil -u -W mychapsecret -T iqn.2003-11.com.hp.stor:iSCSI
To configure the CHAP secret for a particular Operational Target Address:
# iscsiutil -u -W mychapsecret -T iqn.2003-11.com.hp.stor:iSCSI -I 192.1.1.1 -P 5000 -M 1
(4) Verification of the configured parameters:
To display authentication parameters common to all targets:
# iscsiutil -l
To display authentication parameters for all Discovery Targets:
# iscsiutil -pD
To display authentication parameters for all Operational Targets:
# iscsiutil -pO
To display authentication parameters for all Sessions:
# iscsiutil -pS
To display authentication parameters for a particular Operational Target identified by its Target
Name:
# iscsiutil -p -T <target-name>
NOTE: If authentication parameters are configured on a per target basis, the parameters displayed
by "iscsiutil -l" are overridden by the parameters displayed by the other display commands.
Among the various authentication parameters displayed by the verification commands described
above, the parameters of interest for the "Uni-directional" CHAP method are:
Authentication Method
CHAP Method
Initiator CHAP Name
CHAP Secret
NOTE: CHAP Method is only valid if Authentication Method is set. The values displayed
by the verification commands for the Authentication Method parameters are the values
proposed by the iSCSI Software Initiator to the iSCSI target, in order of preference. The target
MUST respond with the first value that it supports.
4.2.2 Configuring CHAP Authentication Bi-directional
(1) Configure the CHAP username and secret the same way as for the Uni-directional authentication
method.
(2) Configure the NAS and RADIUS server parameters.
# iscsiutil -u -R <nas-hostname> <nas-secret> <radius-server-hostname>
where:
<nas-hostname> is the IP address or hostname of the Network Access Server (NAS).
NAS operates as a client of a RADIUS server (this is the host that runs the iradd daemon). This
IP address or hostname is embedded in the "Access Request" messages. The IP address may be
different from the source IP address of the UDP packets sent by iradd.
<nas-secret> is the secret for the iradd daemon. This secret must be configured as the NAS
secret of iradd on the RADIUS server. It is used by iradd to authenticate the RADIUS server.
24 Configuration