Table of ContentsView in Frames

Defining a default authentication method for initiators

You can use the iscsi security default command to define a default authentication method for all initiators not specified with the iscsi security add command.

Step

  1. On the storage system console, enter the following command: iscsi security default -s [chap | none | deny] [-f radius | -p inpassword -n inname] [-o outpassword -m outname]
    The -s option takes one of three values:
    • chap—Authenticate using a CHAP user name and password.
    • none—The initiator can access the storage system without authentication.
    • deny—The initiator cannot access the storage system.

    radius indicates that RADIUS authentication is used. You can use the -f option to ensure that initiator only uses RADIUS as the authentication method. If you do not use the -f option, the initiator only attempts to authenticate via RADIUS if the local CHAP authentication fails.

    inpassword is the inbound password for CHAP authentication. The storage system uses the inbound password to authenticate the initiator.

    inname is a user name for inbound CHAP authentication. The storage system uses the inbound user name to authenticate the initiator.

    outpassword is a password for outbound CHAP authentication. The storage system uses this password for authentication by the initiator.

    outname is a user name for outbound CHAP authentication. The storage system uses this user name for authentication by the initiator.