Manualshelf

Cisco Nexus 5000 Series Switch Fabric Manager Software Configuration Guide, NX-OS 4.0 (OL-16598-01, June 2008)

ManualsBrandsHP ManualsStorageHP SN6000C 8Gb 32-port Fibre Channel Switch
301302303304305306307308309310
Send comments to nx5000-docfeedback@cisco.com
23-4
Nexus 5000 Series Switch Fabric Manager Software Configuration Guide
OL-16598-01
Chapter 23 Configuring FC-SP and DHCHAP
DHCHAP
About Enabling DHCHAP
By default, the DHCHAP feature is disabled in all Nexus 5000 Series switches.
You must explicitly enable the DHCHAP feature to access the configuration and verification commands
for fabric authentication. When you disable this feature, all related configurations are automatically
discarded.
Enabling DHCHAP
To enable DHCHAP for a Cisco MDS switch using Fabric Manager, perform this task:
Step 1 Expand Switches, expand Security, and then choose FC-SP.
You see the FC-SP (DHCHAP) configuration in the Information pane as shown in Figure 23-2.
Figure 23-2 FC-SP Configuration
The Control tab is the default. You see the FC-SP enable state for all switches in the fabric.
Step 2 In the Command drop-down list, choose enable for all switches that you want to enable FC-SP on.
Step 3 Click the Apply Changes icon to enable FC-SP and DHCHAP on the selected switches.
About DHCHAP Authentication Modes
The DHCHAP authentication status for each interface depends on the configured DHCHAP port mode.
When the DHCHAP feature is enabled in a switch, each Fibre Channel interface or FCIP interface may
be configured to be in one of four DHCHAP port modes:
On—During switch initialization, if the connecting device supports DHCHAP authentication, the
software performs the authentication sequence. If the connecting device does not support DHCHAP
authentication, the link is placed in an isolated state.
Auto-Active—During switch initialization, if the connecting device supports DHCHAP
authentication, the software performs the authentication sequence. If the connecting device does not
support DHCHAP authentication, the software continues with the rest of the initialization sequence.
Auto-Passive (default)—The switch does not initiate DHCHAP authentication, but participates in
DHCHAP authentication if the connecting device initiates DHCHAP authentication.
Off—The switch does not support DHCHAP authentication. Authentication messages sent to ports
in this mode return error messages to the initiating switch.