Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)
Send feedback to nx5000-docfeedback@cisco.com
44-5
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 44 Configuring FC-SP and DHCHAP
DHCHAP
Table 44-1 identifies switch-to-switch authentication between two Cisco switches in various modes.
Configuring the DHCHAP Mode
To configure the DHCHAP mode for a particular interface, perform this task:
About the DHCHAP Hash Algorithm
Cisco SAN switches support a default hash algorithm priority list of MD5 followed by SHA-1 for
DHCHAP authentication.
Table 44-1 DHCHAP Authentication Status Between Two MDS Switches
Switch N
DHCHAP
Modes
Switch 1 DHCHAP Modes
on auto-active auto-passive off
on
FC-SP
authentication is
performed.
FC-SP authentication
is performed.
FC-SP authentication
is performed.
Link is brought
down.
auto-Active FC-SP
authentication is
not performed.
auto-Passive
FC-SP authentication
is not performed.
off
Link is brought
down.
FC-SP authentication is not performed.
Command Purpose
Step 1
switch# configuration terminal
Enters configuration mode.
Step 2
switch(config)# interface fc
slot/port - slot/port
switch(config-if)#
Selects a range of interfaces and enters the interface
configuration mode.
Step 3
switch(config-if)# fcsp on
Sets the DHCHAP mode for the selected interfaces to be in the
on state.
switch(config-if)# no fcsp on
Reverts to the factory default of auto-passive for these three
interfaces.
Step 4
switch(config-if)# fcsp
auto-active 0
Changes the DHCHAP authentication mode for the selected
interfaces to auto-active. Zero (0) indicates that the port does
not perform reauthentication.
Note The reauthorization interval configuration is the same
as the default behavior.
switch(config-if)# fcsp
auto-active timeout-period
Changes the DHCHAP authentication mode to auto-active for
the selected interfaces. The timeout period value (in minutes)
sets how often reauthentication occurs after the initial
authentication.
switch(config-if)# fcsp
auto-active
Changes the DHCHAP authentication mode to auto-active for
the selected interfaces. Reauthentication is disabled (default).
Note The reauthorization interval configuration is the same
as setting it to zero (0).