HP StorageWorks 8/80 Brocade Access Gateway Administrator's Guide v6.2.0 (53-1 - Page 29

Setting which devices cannot log in if ADS policy is enabled

Get HP StorageWorks 8/80 - SAN Switch PDF manuals and user guides View all HP StorageWorks 8/80 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 29 highlights

Advanced Device Security policy 2 • The same Allow List can be specified for more than one F_Port. This example show how to set the list of allowed devices for ports 1, 10, and 13 to all access: 1. Connect to the switch and log in as admin. 2. Enter the ag --adsset "1;10;13""*" command. switch:admin> ag--adsset"1;10;13""*" WWN list set successfully as the Allow Lists of the F_Port[s] Setting which devices cannot log in if ADS policy is enabled This example show how to set the list of allowed devices for ports 11 and 12 to no access: 1. Connect to the switch and log in as admin. 2. Enter the ag --adsset "11;12" "" command. switch:admin > ag --adsset "11;12" "" WWN list set successfully as the Allow Lists of the F_Port[s] Removing devices from the list of devices allowed at login Use the ag --adsdel command to delete the specified WWNs from the list of devices allowed to log in to the specified F_Ports. Lists must be enclosed in double quotation marks. List members must be separated by semicolons. Replace the F_Port list with an asterisk (*) to remove the specified WWNs from all the F_Ports' allow lists. The ADS policy must be enabled for this command to succeed. For example, to remove two devices from the list of allowed devices for ports 3 and 9, use the following syntax: ag--adsdel "F_Port [;F_Port2;...]" "WWN [;WWN2;...]" 1. Connect to the switch and log in as admin. 2. Enter the ag --adsdel "3;9" "22:03:08:00:88:35:a0:12;22:00:00:e0:8b:88:01:8b" command. switch:admin> ag --adsdel "3;9" "22:03:08:00:88:35:a0:12;22:00:00:e0:8b:88:01:8b" WWNs removed successfully from Allow Lists of the F_Port[s]Viewing F_Ports allowed to login Adding new devices to the list of devices allowed at login Use the adsadd command to add the specified WWNs to the list of devices allowed to log in to the specified F_Ports. Lists must be enclosed in double quotation marks. List members must be separated by semicolons. Replace the F_Port list with an asterisk (*) to add the specified WWNs to all the F_Ports' allow lists. The ADS policy must be enabled for this command to succeed. For example, to add two new devices to the list of allowed devices for ports 3 and 9, use the following syntax: ag--adsadd "F_Port [;F_Port2;...]" "WWN [;WWN2;...]" Access Gateway Administrator's Guide 11 53-1001189-01

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
Access Gateway Administrator’s Guide
11
53-1001189-01
Advanced Device Security policy
2
The same Allow List can be specified for more than one F_Port.
This example show how to set the list of allowed devices for ports 1, 10, and 13 to all access:
1.
Connect to the switch and log in as admin.
2.
Enter the
ag
--
adsset “1;10;13”“*”
command.
switch:admin> ag–-adsset“1;10;13”“*”
WWN list set successfully as the Allow Lists of the F_Port[s]
Setting which devices cannot log in if ADS policy is enabled
This example show how to set the list of allowed devices for ports 11 and 12 to no access:
1.
Connect to the switch and log in as admin.
2.
Enter the
ag
--
adsset “11;12” ““
command.
switch:admin > ag –-adsset “11;12” “”
WWN list set successfully as the Allow Lists of the F_Port[s]
Removing devices from the list of devices allowed at login
Use the
ag
--
adsdel
command to delete the specified WWNs from the list of devices allowed to log
in to the specified F_Ports. Lists must be enclosed in double quotation marks. List members must
be separated by semicolons. Replace the F_Port list with an asterisk (*) to remove the specified
WWNs from all the F_Ports' allow lists. The ADS policy must be enabled for this command to
succeed.
For example, to remove two devices from the list of allowed devices for ports 3 and 9, use the
following syntax:
ag--adsdel "F_Port [;F_Port2;...]" "WWN [;WWN2;...]"
1.
Connect to the switch and log in as admin.
2.
Enter the
ag
--
adsdel “3;9“ "22:03:08:00:88:35:a0:12;22:00:00:e0:8b:88:01:8b"
command.
switch:admin> ag --adsdel "3;9"
"22:03:08:00:88:35:a0:12;22:00:00:e0:8b:88:01:8b"
WWNs removed successfully from Allow Lists of the F_Port[s]Viewing F_Ports
allowed to login
Adding new devices to the list of devices allowed at login
Use the
adsadd
command to add the specified WWNs to the list of devices allowed to log in to the
specified F_Ports. Lists must be enclosed in double quotation marks. List members must be
separated by semicolons. Replace the F_Port list with an asterisk (*) to add the specified WWNs to
all the F_Ports' allow lists. The ADS policy must be enabled for this command to succeed.
For example, to add two new devices to the list of allowed devices for ports 3 and 9, use the
following syntax:
ag--adsadd "F_Port [;F_Port2;...]" "WWN [;WWN2;...]"