Fabric switch settings and connection results, Mutual authentication of ports, Fibre channel authentication – HP XP P9500 Storage User Manual

During authentication of hosts, the connection result is determined depending on the combination
of the following port settings:

•

Setting of the port in the Port tree: enable (

) or disable (

)

•

Whether the user information of the fabric switch that attempts to connect is registered on the
port

Fabric switch settings and connection results

The following table shows the relationship between the combinations of port settings and the
connection results in authentication of fabric switches. Unless otherwise noted, connection results
are as described regardless of whether the host is configured for authentication by fabric switches
with CHAP.

Connection results

fabric switch
settings

Port Settings

User information of
fabric switch

Authentication at fabric
switch

Connected if the authentication of the fabric switch
succeeded

Registered

Registered

Enabled

Failed to be authenticated and cannot be connected

Not registered

Registered

Enabled

Failed to be authenticated and cannot be connected

Registered

Not registered

Enabled

Connected without authentication of the fabric
switch

---

---

Disabled

If a fabric switch is configured for authentication
by ports with CHAP, authentication of the host will
fail. To allow such a fabric switch to connect to the
port without authentication, do not configure it for
authentication by ports with CHAP.

---: This item does not affect the connection results, or cannot be specified.

Mutual authentication of ports

If mutual authentication is required, when authentication of a host is successful, the host in return
authenticates the port. In authentication of ports, when user information (user name and secret)
specified on the port side matches with that stored on the host, the host allows the host group to
connect.

Fibre channel authentication

Enabling or disabling host authentication on a host group

You can specify whether to authenticate hosts on each host group. Change the user authentication
settings of host groups to enable or disable authentication of hosts. By default, user authentication
is disabled.

Procedure 27 To enable host authentication on a host group

1.

On the menu bar, select Actions, Port/Host Group, and then Authentication.

2.

In the Authentication window, click

to change to Modify mode.

3.

In the Port tree, double-click the Storage System folder.

If the storage system contains any fibre channel adapters, the Fibre folder appears below the
Storage System folder.

Setting fibre channel authentication 199