Sample Configuration
Sample Configuration
This section provides the steps to configure the example illustrated in
Authentication, on page
Figure 19: Sample DHCHAP Authentication
To configure the authentication setup shown in
follow these steps:
Procedure
Step 1
Obtain the device name of the MDS 9216 Switch in the fabric. The MDS 9216 Switch in the fabric is identified
by the switch WWN.
MDS-9216# show wwn switch
Switch WWN is 20:00:00:05:30:00:54:de
Step 2
Explicitly enable DHCHAP in this switch.
MDS-9216(config)# feature fcsp
Note
Step 3
Configure a clear text password for this switch. This password will be used by the connecting device.
MDS-9216(config)# fcsp dhchap password rtp9216
Step 4
Configures a password for another switch in the fabric that is identified by the switch WWN device name.
MDS-9216(config)# fcsp dhchap devicename 20:00:00:05:30:00:38:5e password rtp9509
Step 5
Enable the DHCHAP mode for the required Fibre Channel interface.
MDS-9216(config)# interface fc 1/16
MDS-9216(config-if)# fcsp on
Note
Step 6
Verify the protocol security information configured in this switch by displaying the DHCHAP local password
database.
MDS-9216# show fcsp dhchap database
DHCHAP Local Password:
Other Devices' Passwords:
Step 7
Display the DHCHAP configuration in the Fibre Channel interface.
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
222
222.
When you disable DHCHAP, all related configurations are automatically discarded.
Whenever DHCHAP port mode is changed to a mode other than the Off mode, reauthentication is
performed.
Non-device specific password:*******
Password for device with WWN:20:00:00:05:30:00:38:5e is *******
Figure 19: Sample DHCHAP
Figure 19: Sample DHCHAP Authentication, on page
Configuring FC-SP and DHCHAP
222,