How to Configure CHAP Authentication for Your iSCSI Target - Managing SAN Devices and Multipathing in Oracle® Solaris 11.2

Managing SAN Devices and Multipathing in Oracle^® Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Managing SAN Devices and Multipathing in ... » Configuring Solaris iSCSI Initiators » Configuring Authentication in Your iSCSI-Based ... » How to Configure CHAP Authentication for Your ...

Updated: December 2014

Managing SAN Devices and Multipathing in Oracle^® Solaris 11.2

Document Information

Using This Documentation

Chapter 1 Solaris I/O Multipathing Overview

Chapter 2 Configuring Solaris I/O Multipathing Features

Chapter 3 Configuring Fabric-Connected Devices

Chapter 4 Configuring Solaris iSCSI Initiators

Oracle Solaris iSCSI Technology (Overview)

Identifying Oracle Solaris iSCSI Software and Hardware Requirements

Configuring iSCSI Initiators Tasks

iSCSI Terminology

Recommended iSCSI Configuration Practices

Configuring Dynamic or Static Target Discovery

How to Configure an iSCSI Initiator

How to Access iSCSI Disks

How to Remove Discovered Target Devices

Configuring Authentication in Your iSCSI-Based Storage Network

How to Configure CHAP Authentication for Your iSCSI Initiator

How to Configure CHAP Authentication for Your iSCSI Target

Using a Third-Party RADIUS Server to Simplify CHAP Management in Your iSCSI Configuration

Setting Up iSCSI Multipathed Devices in Oracle Solaris

How to Enable Multiple iSCSI Sessions for a Target

Monitoring Your iSCSI Configuration

How to Display iSCSI Configuration Information

Modifying iSCSI Initiator and Target Parameters

Tuning iSCSI Parameters

How to Modify iSCSI Initiator and Target Parameters

Troubleshooting iSCSI Configuration Problems

No Connections to the iSCSI Target From the Local System

iSCSI Device or Disk Is Not Available on the Local System

Use LUN Masking When Using the iSNS Discovery Method

General iSCSI Error Messages

Chapter 5 Configuring Virtual Fibre Channel Ports

Chapter 6 Configuring FCoE Ports

Chapter 7 Configuring SAS Domains

Chapter 8 Configuring IPFC SAN Devices

Chapter 9 Booting the Oracle Solaris OS From Fibre Channel Devices on x86 Based Systems

Chapter 10 Persistent Binding for Tape Devices

Appendix A Manual Configuration for Fabric-Connected Devices

Appendix B Supported FC-HBA API

Appendix C Troubleshooting Multipathing-Related Problems

Appendix D Tuning Disk Target Driver Properties

Language:

How to Configure CHAP Authentication for Your iSCSI Target

This procedure assumes that you are logged in to the local system that contains the iSCSI targets.

Become an administrator.
Determine whether you want to configure unidirectional or bidirectional CHAP.
- Unidirectional authentication is the default method. Complete steps 3–5 only.
- For bidirectional authentication. Complete steps 3–7.
Unidirectional/Bidirectional CHAP: Configure the target to require that initiators identify themselves using CHAP.
```
target# itadm modify-target -a chap target-iqn
```
Unidirectional/Bidirectional CHAP: Create an initiator context that describes the initiator.
Create the initiator context with the initiator's full node name and with the initiator's CHAP secret key.
```
target# itadm create-initiator -s initiator-iqn
Enter CHAP secret: ************
Re-enter secret: ************
```
Unidirectional/Bidirectional CHAP: If the initiator uses an alternate CHAP name, then configure the initiator-context with the alternate name.
```
target# itadm modify-initiator -u initiator-CHAP-name initiator-iqn
```

Bidirectional CHAP: Set the target device secret key that identifies this target.

target# itadm modify-target -s target-iqn
Enter CHAP secret: ************
Re-enter secret: ************

(Optional) Bidirectional CHAP: If the target uses an alternate CHAP user name other than the target node name (iqn), modify the target.
```
target# itadm modify-target -u target-CHAP-name target-iqn
```

Copyright © 2009, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices