HP StorageWorks 2/16V HP StorageWorks SAN Switch 2/8V, 2/16V, 2/16N Fabric OS - Page 15

Security: FCS list, Security: HTTP policy

Get HP StorageWorks 2/16V - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals

Page 15 highlights

Important Notes Table 4: Fabric OS Area Information (Continued) Fabric OS Area LTO 2 tape drive support rsh and rlogin Security: default password length Security: empty policies Security: error counter Security: fabric segment Security: FCS list Security: HTTP policy Security: PKICERT utility, CSR syntax Description When using the LTO 2 tape drive, the user must enter the following command on both Fabric OS v3.x and v4.x: switch> portcfggport port# where drive is plugged in This allows the tape drive to function in point-to-point mode rather than in loop mode. The programs rsh and rlogin are not supported in this release. If you try to use an rsh or rlogin client, Fabric OS rejects the login attempt; however, because most rsh and rlogin clients continue to retry the login for several seconds before timing out, your system appears to hang. The initial login prompt for a switch accepts a maximum password length of eight characters. Any characters beyond the eighth are ignored. CAUTION: If Telnet, API, and serial port access policies are empty, the user will not be able to communicate with the switch. Workaround: Contact your HP Technical Support for the recovery procedure. Telnet security errors that arrive in quick succession are recorded as a single violation by the telnet error counter. For example, a login error from a host whose IP address is 192.168.44.247 is logged as follows: Security violation: Login failure attempt via TELNET/SSH/RSH. IP Addr: 192.168.44.247 If another login violation occurs immediately, the message remains the same and only the error counter is incremented. When two secure fabrics are continuously joined and separated while the CPU is under heavy load, the fabric segments after approximately 30 cycles. Adding switches to the FCS list does not automatically join the switches in a secure fabric. Add the switches to the FCS list of the new switches and the target fabric. Reset the version stamp to 0 and either reset the E_Ports or perform a switch disable and enable for the switches to join. If HTTP_Policy is empty, you will not be able to log in and will receive a Page not found error. This is expected behavior for this policy. Before using the PKICERT utility to prepare a certificate signing request (CSR), ensure that there are no spaces in the switch names of any switches in the fabric. The web site that processes the CSRs and generates the digital certificates does not accept switch names containing spaces; CSRs that do not conform to this requirement are rejected. SAN Switch 2/8V, 2/16V, 2/16N Fabric OS 4.2.x Release Notes 15

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
Important Notes
15
SAN Switch 2/8V, 2/16V, 2/16N Fabric OS 4.2.x Release Notes
LTO 2 tape drive
support
When using the LTO 2 tape drive, the user must enter the following
command on both Fabric OS v3.x and v4.x:
switch>
portcfggport port# where drive is plugged in
This allows the tape drive to function in point-to-point mode rather than in
loop mode.
rsh and rlogin
The programs
rsh
and
rlogin
are not supported in this release. If you try
to use an
rsh
or
rlogin
client, Fabric OS rejects the login attempt;
however, because most
rsh
and
rlogin
clients continue to retry the login
for several seconds before timing out, your system appears to hang.
Security: default
password length
The initial login prompt for a switch accepts a maximum password length of
eight characters. Any characters beyond the eighth are ignored.
Security: empty
policies
CAUTION: If Telnet, API, and serial port access policies are empty, the user
will not be able to communicate with the switch.
Workaround:
Contact your HP Technical Support for the recovery
procedure.
Security: error counter
Telnet security errors that arrive in quick succession are recorded as a single
violation by the telnet error counter. For example, a login error from a host
whose IP address is 192.168.44.247 is logged as follows:
Security violation: Login failure attempt via
TELNET/SSH/RSH. IP Addr: 192.168.44.247
If another login violation occurs immediately, the message remains the
same and only the error counter is incremented.
Security: fabric
segment
When two secure fabrics are continuously joined and separated while the
CPU is under heavy load, the fabric segments after approximately 30
cycles.
Security: FCS list
Adding switches to the FCS list does not automatically join the switches in a
secure fabric. Add the switches to the FCS list of the new switches and the
target fabric. Reset the version stamp to 0 and either reset the E_Ports or
perform a switch disable and enable for the switches to join.
Security: HTTP policy
If HTTP_Policy is empty, you will not be able to log in and will receive a
Page not found error
. This is expected behavior for this policy.
Security: PKICERT
utility, CSR syntax
Before using the PKICERT utility to prepare a certificate signing request
(CSR), ensure that there are no spaces in the switch names of any switches
in the fabric. The web site that processes the CSRs and generates the digital
certificates does not accept switch names containing spaces; CSRs that do
not conform to this requirement are rejected.
Table 4:
Fabric OS Area Information (Continued)
Fabric OS Area
Description