Dell EqualLogic PS6210XS EqualLogic Group Manager Administrator s Guide PS Ser - Page 108
Manage Access Controls for VDS/VSS Access, Authenticate Initiators with CHAP
View all Dell EqualLogic PS6210XS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 108 highlights
5. Select the checkbox next to each group policy name that you want to associate with the selected volume and click OK. Manage Access Controls for VDS/VSS Access To allow VDS and VSS access to the group, you must create at least one VDS/VSS access control policy that matches the access control credentials you configure on the computer by using Remote Setup Wizard or Auto-Snapshot Manager/Microsoft Edition. The same access control constructs (access policies, access policy groups, and basic access points) are available for defining VDS/VSS access. 1. Click Group → Group Configuration. 2. Click the VDS/VSS tab. 3. Take the appropriate action in the VDS/VSS Access Control List panel to either add, modify, or remove access. Add, Modify, or Remove an Access Policy Group: • To add an access policy group for VDS/VSS access, click Add. Select the checkbox next to the additional policy groups that you want to assign and click OK. • To make changes to the access policies within an access policy group, select a group policy and click Modify to open the Edit Access Policy Group dialog box. You can add, modify, or remove the access policies within this group. • To remove an entire policy group from VDS/VSS access, select that policy group name and click Delete. When prompted to confirm the decision, click Yes. Add, Modify, or Remove an Access Policy: • To add an additional access policy for VDS/VSS access, click Add. Select the checkbox next to the additional access policies that you want to assign and click OK. • To make changes to the access points within an access policy, select a policy and click Modify to open the Edit Access Policy dialog box. You can create new access points, edit existing access points, or remove access points that belong to this policy. • To remove an access policy from VDS/VSS access, select the policy name and click Delete. When prompted to confirm the decision, click Yes. Add, Modify, or Remove a Basic Access Point: • To create an additional access point for VDS/VSS access, click New to open the New Basic Access Point dialog box. You can then define an additional access point. • To change the parameters of an existing access point (CHAP name, iSCSI name, or IP address), select the access point that you want to edit and click Modify. • To remove a basic access point from VDS/VSS access, select the access point name and click Delete. When prompted to confirm the decision, click Yes. Authenticate Initiators with CHAP CHAP (Challenge Handshake Authentication Protocol) is a network login protocol that uses a challenge-response mechanism. You can use CHAP to authenticate iSCSI initiators by specifying a CHAP user name in an access control policy. To meet this condition, a computer must supply the user name and its password (or "secret") in the iSCSI initiator configuration interface when logging in to the target. Using CHAP for iSCSI authentication can help you manage access controls more efficiently because it restricts target access by using user names and passwords, instead of unique IP addresses or iSCSI initiator names. Before you can use CHAP for initiator authentication, you must set up the CHAP accounts consisting of a user name and password (or "secret"). Two options are available for accounts; you can use both options simultaneously in a group: • CHAP accounts in the group Local CHAP accounts do not rely on any external system. You can create up to 100 local CHAP accounts. • CHAP accounts on an external RADIUS authentication server 108 About Volume-Level Security