Cisco Systems SN 5428-2 Saw User Manual


 
9-19
Cisco SN 5428-2 Storage Router Software Configuration Guide
OL-5239-01
Chapter 9 Configuring Authentication
Configuring Two-Way Authentication
Login Authentication
Use the commands in the following procedure to test Login authentication.
Example 9-3 Testing Login Authentication
*[SN5428-2-MG1]# aaa test authentication login default sysmonitor ciscomonitor
Sep 02 14:37:00:aaa:AS_NOTICE :Auth test request being queued
Sep 02 14:37:00:aaa:AS_NOTICE :Auth test request complete, status = pass
Configuring Two-Way Authentication
When iSCSI authentication is enabled, the SCSI routing instance must authenticate the IP host during
the iSCSI TCP connection process. IP hosts that cannot be authenticated are not allowed access to the
storage resources. IP hosts may also require authentication of the SCSI routing instance during the iSCSI
TCP connection process. If the SCSI routing instance cannot be authenticated, the IP host terminates the
connection.
Use the commands in the following procedure to configure a user name and password for a SCSI routing
instance that must be authenticated by IP hosts.
Note The SCSI routing instance user name and password pair must also be configured within the
authentication database services used by the IP hosts for authentication purposes.
Command Description
Step 1
enable Enter Administrator mode.
Step 2
aaa test authentication login
default sysmonitor ciscomonitor
Test the user name and password configured for Monitor mode
access to the storage router. AAA uses the services in the default
authentication list (Example 9-3).
Command Description
Step 1
enable Enter Administrator mode.
Step 2
scsirouter zeus username
zeusabc
Assign a user name to the SCSI routing instance. For example,
configure the user name zeusabc for the SCSI routing instance
named zeus.
Step 3
scsirouter zeus password
zeus123
Assign a password to the SCSI routing instance. For example,
configure the password zeus123 for the SCSI routing instance
named zeus.