Configuring device authentication, Auth policy restrictions – Dell POWEREDGE M1000E User Manual
Page 211
Fabric OS Administrator’s Guide
211
53-1002745-02
Authentication policy for fabric elements
7
and CT frames, except the AUTH_NEGOTIATE ELS frame, are blocked by the switch. During this
time, the Fibre Channel driver rejects all other ELS frames. The F_Port does not form until the
AUTH_NEGOTIATE is completed. It is the HBA's responsibility to send an Authentication Negotiation
ELS frame after receiving the FLOGI accept frame with the FC-SP bit set.
Virtual Fabrics considerations
Because the device authentication policy has switch and logical switch-based parameters, each
logical switch is set when Virtual Fabrics is enabled. Authentication is enforced based on each
logical switch’s policy settings.
Configuring device authentication
1. Connect to the switch and log in using an account with admin permissions, or an account with
OM permissions for the Authentication RBAC class of commands.
2. Enter the authUtil command to set the device policy mode.
Example of setting the Device policy to passive mode:
switch:admin> authutil --policy -dev passive
Warning: Activating the authentication policy requires
DH-CHAP secrets on both switch and device. Otherwise,
the F-port will be disabled during next F-port
bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Device authentication is set to PASSIVE
AUTH policy restrictions
All fabric element authentication configurations are performed on a local switch basis.
Device authentication policy supports devices that are connected to the switch in point-to-point
manner and is visible to the entire fabric. The following are not supported:
•
Public loop devices
•
Single private devices
•
Private loop devices
•
Mixed public and private devices in loop
•
NPIV devices
•
FICON channels
•
Configupload and download will not be supported for the following AUTH attributes: auth type,
hash type, group type.
NOTE
For information about how to use authentication with Access Gateway, refer to the Access Gateway
Administrator’s Guide Supporting Fabric OS v7.1.0.