Step 4: configuring host access, Understanding chap authentication, What is chap – Dell PowerVault MD3800i User Manual

Page 47: Target chap, Mutual chap

Advertising
background image

Step 4: Configuring Host Access

This step specifies which host servers access virtual disks on the storage array. You should perform this
step before mapping virtual disks to host servers or any time you connect new host servers to the storage
array.

1.

Launch MDSM.

2. Navigate to the AMW and click Manually define hosts.

3. At Enter host name, enter the host server for virtual disk mapping.

This can be an informal name, not necessarily a name used to identify the host server to the network.

4. Select a method for adding the host port identifier.

5. Select the host type.

6. Select whether or not the host server will be part of a host server group that shares access to the

same virtual disks as other host servers. Select Yes only if the host is part of a Microsoft cluster.

7. Click Next.

8. Specify if this host will be part of a host group, and click Finish.

Understanding CHAP Authentication

What is CHAP?

Challenge Handshake Authentication Protocol (CHAP) is an optional iSCSI authentication method where
the storage array (target) authenticates iSCSI initiators on the host server. Two types of CHAP are
supported:

• Target CHAP
• Mutual CHAP

Target CHAP

In target CHAP, the storage array authenticates all requests for access issued by the iSCSI initiator(s) on
the host server using a CHAP secret. To set up target CHAP authentication, you must enter a CHAP secret
on the storage array, then configure each iSCSI initiator on the host server to send that secret each time it
attempts to access the storage array.

Mutual CHAP

In addition to setting up target CHAP, you can set up mutual CHAP in which both the storage array and
the iSCSI initiator authenticate each other. To set up mutual CHAP, configure the iSCSI initiator with a
CHAP secret that the storage array must send to the host sever in order to establish a connection. In this
two-way authentication process, both the host server and the storage array send information that the
other must validate before a connection is allowed.
CHAP is an optional feature and is not required to use iSCSI. However, if you do not configure CHAP
authentication, any host server connected to the same IP network as the storage array can read from and
write to the storage array.

47

Advertising
This manual is related to the following products:

PowerVault MD3820i

Popular Brands
Popular manuals