- Notes, cautions, and warnings
- Getting started
- System concepts
- Storage environment
- Virtual storage
- Linear storage
- Disk groups
- RAID levels
- ADAPT
- Disk group utilities
- SSDs
- Spares
- Pools
- Changing pool settings
- Volumes and volume groups
- Volume cache options
- Overcommitting volumes
- About automated tiered storage
- Initiators, hosts, and host groups
- CHAP
- Host ports
- Attaching volumes to hosts
- Operating with a single controller
- Snapshots
- Copying volumes or snapshots
- Reconstruction
- Quick rebuild
- Updating firmware
- Managed logs
- LDAP
- DNS settings
- Peer connections
- Replication
- Full disk encryption
- Rescanning disks
- Clearing disk metadata
- Data protection during failover to a single controller
- SupportAssist
- About CloudIQ
- Event history
- Audit logs
- System metrics
- Dashboard
- Provisioning
- Working with volumes
- Volumes table
- Data protection table
- Creating volumes
- Modifying volumes
- Deleting volumes and snapshots
- Attaching volumes to hosts
- Detaching volumes from hosts
- Expanding volumes
- Rolling back virtual volumes
- Creating snapshots
- Resetting snapshots
- Copying volumes or snapshots
- Aborting a volume copy
- Add data protection
- Creating a replication set
- Modifying a replication set
- Deleting a replication set
- Initiating or scheduling a replication
- Suspending a replication
- Aborting a replication set
- Resuming a replication
- Managing replication schedules
- Working with hosts
- Working with volumes
- Settings
- Maintenance
- Other management interfaces
- Administering a log-collection system
- Settings changed by restoring defaults
- System configuration limits
- Best practices
- Glossary of terms
Dell PowerVault ME5 Series Administrator's Guide
Configuring iSCSI CHAP settings
For iSCSI, you can use Challenge Handshake Authentication Protocol (CHAP) to perform authentication between the initiator and target of a login request. To perform this authentication, a database of CHAP records must exist on the initiator and target. Each CHAP record can specify one name-secret pair to authenticate the initiator only (one-way CHAP) or two pairs to authenticate both the initiator and the target (mutual CHAP). For a login request from an iSCSI host to a controller iSCSI port, the host is the initiator and the controller port is the target.
During onboarding, you are prompted to enable CHAP, add new records, and edit and delete previously defined records. When CHAP is enabled and the storage system is the recipient of a login request from a known originator (initiator), the system will request a known secret. If the originator supplies the secret, the connection will be allowed.
To enable or disable CHAP configuration settings after onboarding is complete, check or uncheck the CHAP Authentication box (Settings > iSCSI > Configuration).
Regardless of whether CHAP is enabled, you can add, delete, or edit CHAP records (Settings > iSCSI > CHAP).
CAUTION Editing or deleting CHAP records may disrupt connectivity to the host using that record.
Special considerations apply when CHAP is used in a system with a peer connection, which is used in replication. In a peer connection, a storage system can act as the originator or recipient of a login request. If the originator has CHAP enabled-but the recipient does not-the originator is able to modify the peer connection to enable CHAP on the recipient. Provided the two systems have CHAP records for one another-and share the same secret-the recipient is able to authenticate the peer connection.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\