Manualshelf

User`s guide

ManualsBrandsChelsio Communications ManualsAdapterChelsio T5
121122123124125126127128129130
Chapter VII. iSCSI PDU Offload Target
Chelsio T5/T4 Unified Wire For Linux Page 122
#
Auth_CHAP_Policy=Mutual
Auth_CHAP_target=“iTarget1ID”:“iTarget1Secret”
Auth_CHAP_Initiator=“iInitiator1”:“InitSecret1”
Auth_CHAP_Initiator=“iInitiator2”:“InitSecret2”
Auth_CHAP_ChallengeLength=16
#
# ACL configuration
#
# initiator “iqn.2006-02.com.chelsio.san1” is allowed full access
# to this target
ACL=iname=iqn.2006-02.com.chelsio.san1
# any initiator from IP address 102.50.50.101 is allowed full access
# of this target
ACL=sip=102.50.50.101
# any initiator connected via the target portal 102.60.60.25 is
# allowed full access to this target
ACL=dip=102.60.60.25
# initiator “iqn.2005-09.com.chelsio.san2” from 102.50.50.22 and
# connected via the target portal 102.50.50.25 is allowed read only
# access of this target
ACL=iname=iqn.2006-
02.com.chelsio.san2;sip=102.50.50.22;dip=102.50.50.25;lun=ALL:R
4.5. Challenge-Handshake Authenticate Protocol (CHAP)
CHAP is a protocol that is used to authenticate the peer of a connection and uses the notion of
a challenge and response, (i.e., the peer is challenged to prove its identity).
The Chelsio iSCSI software supports two CHAP methods: one-way and mutual. CHAP is not
supported for discovery sessions.
4.5.1. Oneway CHAP authentication
With one-way CHAP (also called unidirectional CHAP) the target uses CHAP to authenticate
the initiator. The initiator does not authenticate the target. This method is the default method.