Installation guide
3 – Planning
Fabric Security
59042-08 A 3-19
0
1. Configure the Radius_1 host as a RADIUS server on Switch_1 and
Switch_2 to authenticate device logins. Specify the server IP address and
the secret with which the switches will authenticate with the server.
Configure the switches so that devices authenticate through the switches
only if the RADIUS server is unavailable.
2. Configure security on Switch_1. Create a security set (Security_Set_1) on
Switch_1.
a. Create a port group (Group_Port_1) in Security_Set_1 with Switch_1
and HBA_1 as members. The JBOD is a loop device, and is therefore,
excluded from the port group.
Radius_1 Configuration on Switch_1 and Switch_2
Device Authentication
Order
RadiusLocal – Authenticate devices using the
RADIUS server security database first. If the RADIUS
server is unavailable, then use the local switch
security database.
Total Servers 1 – Enables support for one RADIUS server
Device Authentication
Server
True – Enables Radius_1 to authenticate device
logins.
Server IP Address 10.20.30.40
Secret 1234567890123456 – 16-character ASCI string (MD5
hash)
Port Group on Switch_1: Group_Port_1
Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: CHAP
Primary Hash: MD5
Primary Secret: 0123456789abcdef
HBA_1 Node WWN: 10:00:00:c0:dd:07:c3:4d
Authentication: CHAP
Primary Hash: MD5
Primary Secret: fedcba9876543210