Table of ContentsView in Frames

Setting the authentication policy

You must set the authentication policy, type, group and secret.

About this task

The commands must be executed at the switch console.

Steps

  1. Disable the switch by entering the following command:switchdisable
  2. Set the authentication policy on the switch to on by entering the following command: authUtil --policy -sw on
    It displays the following output:
    Warning: Activating the authentication policy requires either DH-CHAP secrets or PKI certificates depending on the protocol selected. Otherwise, ISLs will be segmented during next E-port bring-up. 
ARE YOU SURE  (yes, y, no, n): [no] yes
Auth Policy is set to ON
  3. Set the authentication type to dhchap by entering the following command:authUtil --set -a dhchap
    It displays the following output:
    Authentication is set to dhchap.
  4. Set the authentication group to 4 by entering the following command:authUtil --set -g 4
  5. Set the authentication secret by performing the following steps:
    1. Provide the wwn of the other switch in the fabric for the parameter, Enter peer WWN, Domain, or switch name.
    2. Provide the peer secret for the parameter Enter peer secret.
    3. Provide the local secret for the parameter Enter local secret.
    4. Enter the following value for the parameter Are you done.Y
    Example
    The following is an example of setting authentication secret.
    brcd> secAuthSecret --set

This command is used to set up secret keys for the DH-CHAP authentication.
The minimum length of a secret key is 8 characters and maximum 40
characters. Setting up secret keys does not initiate DH-CHAP
authentication. If switch is configured to do DH-CHAP, it is performed
whenever a port or a switch is enabled.

Warning: Please use a secure channel for setting secrets. Using
an insecure channel is not safe and may compromise secrets.

Following inputs should be specified for each entry.

1. WWN for which secret is being set up.
2. Peer secret: The secret of the peer that authenticates to peer.
3. Local secret: The local secret that authenticates peer.

Press enter to start setting up secrets > <cr>

Enter peer WWN, Domain, or switch name (Leave blank when done): 10:00:00:05:33:76:2e:99
Enter peer secret: <hidden>
Re-enter peer secret: <hidden>
Enter local secret: <hidden>
Re-enter local secret: <hidden>

Enter peer WWN, Domain, or switch name (Leave blank when done): 
Are you done? (yes, y, no, n): [no] yes
Saving data to key store... Done.
  6. Enable the switch by entering the following command:switchenable
Parent topic: Setting ISL encryption on Brocade 6510 switches
Copyright © 1994-2015, NetApp, Inc. All rights reserved.
Part number: 215-09156_B0
January 2015


©2016 NetApp Contact Us How to Buy Feedback Careers Legal Privacy Policy Subscriptions (RSS)|