Home » HP Manuals » Storage Devices » HP StorageWorks 2/64 » Manual Viewer

HP StorageWorks 2/64 HP StorageWorks Fabric OS 5.x Advanced Web Tools Administ - Page 68

Enabling and disabling RADIUS service, Configuring the RADIUS server

View all HP StorageWorks 2/64 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 68 highlights

Enabling and disabling RADIUS service At least one RADIUS server must be configured before you can enable RADIUS service. 1. Launch the Switch Admin module as described on page 36. 2. Click the AAA Service tab. 3. To enable RADIUS service, select a RADIUS service from the Primary AAA Service drop-down list, select None or Switch Database from the Secondary AAA Service drop-down list. To disable RADIUS service, select Switch Database from the Primary AAA Service drop-down list and select None from the Secondary AAA Service drop-down list. 4. Click Apply. Configuring the RADIUS server The configuration is chassis-based, so it applies to all logical switches (domains) on the switch and replicates itself on a standby CP, if one is present. It is saved in a configuration upload, and so it can be applied to other switches in a configuration download. You should configure at least two RADIUS servers so that if one fails, the other assumes service. You can configure the RADIUS server even if it is disabled. You can configure up to five RADIUS servers. You must be logged in as admin or switchAdmin to configure the RADIUS server. To configure the RADIUS server 1. Launch the Switch Admin module as described on page 36. 2. Click the AAA Service tab. 3. Click Add. The RADIUS Configuration dialog box opens. NOTE: You can configure up to five RADIUS servers. If five RADIUS servers are already configured, the Add button is disabled. 4. Enter the RADIUS server name, which is a valid IP address or Dynamic Name Server (DNS) string. Each RADIUS server must have a unique IP address or DNS name for the RADIUS server. 5. Optional: Enter the port number. 6. Optional: Enter the secret string. 7. Optional: Enter the timeout time in minutes. 8. Optional: Select an authentication protocol from CHAP or PAP. The default value is CHAP; if you do not change it, CHAP becomes the authentication protocol. 9. Click OK to return to the AAA Service tab. 10.Click Apply. Modifying the RADIUS server Use the following procedure to change the parameters of a RADIUS server that is already configured. 1. Launch the Switch Admin module as described on page 36. 2. Click the AAA Service tab. 3. Click a RADIUS server from the RADIUS Configuration list. 4. Click Modify. The RADIUS Configuration dialog box opens. 5. Enter new values for the port number, secret string, and timeout time (in minutes). 6. Select an authentication protocol from CHAP or PAP. The default value is CHAP; if you do not change it, CHAP becomes the authentication protocol. 7. Click OK to return to the AAA Service tab. 8. Click Apply. 68 Configuring standard security features

Section	Page
Contents	3
Intended audience	11
Related documentation	11
HP StorageWorks Fabric OS 5.x master glossary	11
Document conventions and symbols	12
HP technical support	12
HP-authorized reseller	13
Helpful web sites	13
Introducing Advanced Web Tools	15
What’s New in This Document	15
Requirements, installation, and support	15
Requirements	15
Installing an Advanced Web Tools license	18
Value line licenses	19
Switch support	19
Launching Advanced Web Tools	20
Advanced Web Tools	20
Logging in	21
Logging out	22
Session management	22
Using Advanced Web Tools	25
Viewing the Switch Explorer	25
Core Switch 2/64	26
SAN Director 2/128	26
4/256 SAN Director	27
SAN Switch 2/8V	28
Refresh rates	29
Fabric Tree	30
Fabric toolbar	30
Switch View	31
Switch View button menu	31
Switch Information View	31
Status Legend	31
Displaying switches in the fabric	32
Ending the Advanced Web Tools session	32
Using Advanced Web Tools and secure mode	32
Advanced Web Tools access and HTTP_POLICY	32
Opening modules in a secure fabric	33
Primary-FCS-only functionality	33
Disabled functionality	33
Recommendations for working with Advanced Web Tools	33
Managing your fabrics, switches, and ports	35
Managing fabrics, switches, and ports using Advanced Web Tools	35
Launching the switch Admin Module	36
Refreshing the switch Admin Module	37
Launching the telnet window	37
Configuring IP and netmask information	37
Configuring a syslog IP address	38
Configuring a switch	39
Enabling and disabling a switch	39
Changing the switch name	39
Changing the switch domain ID	39
Viewing and printing a switch report	40
Rebooting a switch	40
Performing a fast boot	40
Performing a switch reboot	40
Changing system configuration parameters	40
Configuring fabric parameters	41
Enabling insistent domain ID mode (FICON only)	42
Configuring virtual channel settings	43
Configuring arbitrated loop parameters	43
Configuring system services	43
Configuring ports	44
Configuring port type	45
Configuring port speed	45
Assigning a name to a port	46
Disabling a port over reboots	46
Enabling and disabling a port	46
Activating Ports on Demand	47
Maintaining licensed features	47
Activating a license on a switch	48
Removing a license from a switch	48
Administering high availability	49
Launching the High Availability module	49
Synchronizing services on the CP	50
Initiating a CP failover	50
Monitoring events	50
Displaying fabric events	51
Displaying switch events	52
Filtering fabric and switch events	53
Displaying a fabric topology report	55
Displaying the Name Server entries	55
Physically locating a switch using beaconing	57
Displaying swapped port area IDs	57
Maintaining configurations and firmware	59
Maintaining configurations	59
Backing up a configuration file	59
Restoring a configuration	60
Performing a firmware download	60
Configuring standard security features	63
Creating and maintaining user-defined accounts	63
Configuring SNMP information	65
Setting SNMP trap levels	65
Configuring SNMP information	66
Managing the RADIUS server	67
Enabling and disabling RADIUS service	68
Configuring the RADIUS server	68
Modifying the RADIUS server	68
Modifying the RADIUS server order	69
Removing a RADIUS server	69
Routing traffic	71
Introducing routing	71
Displaying FSPF routing	72
Configuring a static route	72
Enabling and disabling dynamic load sharing	73
Specifying frame order delivery	73
Configuring link cost	74
Administering extended fabrics	75
About extended link buffer allocation	75
Configuring for long distance	76
Administering ISL trunking	79
Displaying trunk group information	79
Disabling or reenabling trunking mode on a port	80
Administering zoning	81
Introducing zoning	81
Managing zoning with Advanced Web Tools	81
Launching the Zone Admin module	83
Refreshing the fabric information	83
Refreshing the Zone Admin module information	84
Saving local zoning changes	84
Closing the Zone Admin module	85
Zoning views	85
Managing zone aliases	86
Creating and populating a zone alias	86
Adding and removing members of a zone alias	86
Renaming a zone alias	87
Deleting a zone alias	87
Managing zones	87
Creating and populating a zone	87
Adding and removing the members of a zone	88
Renaming a zone	88
Deleting a zone	88
Managing QuickLoops	88
Creating a QuickLoop	89
Adding and removing members of a QuickLoop	89
Renaming a QuickLoop	89
Deleting a QuickLoop	90
Managing Fabric Assist zones	90
Creating a Fabric Assist zone	90
Adding and removing Fabric Assist zone members	91
Renaming a Fabric Assist zone	91
Deleting a Fabric Assist zone	91
Managing zone configurations	91
Creating a zone configuration	92
Adding or removing zone configuration members	93
Renaming a zone configuration	93
Deleting a zone configuration	93
Enabling a zone configuration	94
Disabling a zone configuration	94
Displaying the enabled zone configuration	94
Displaying the zone configuration summary	96
Creating a configuration analysis report	96
Displaying Initiator/Target Accessibility Matrix	97
Managing the zoning database	98
Adding a WWN to multiple aliases, zones, and Fabric Assist zones	98
Removing a WWN from multiple aliases, zones, and Fabric Assist zones	98
Replacing a WWN in multiple aliases, Fabric Assist zones, and zones	98
Searching for a zone member	99
Clearing the zoning database	99
Using zoning wizards	100
Best practices for zoning	102
Working with diagnostic features	103
Managing trace dumps	103
How a trace dump is used	104
Setting up automatic trace dump transfers	104
Disabling automatic trace uploads	105
Uploading a trace dump manually	105
Displaying switch information	105
Displaying detailed fan hardware status	106
Displaying the temperature status	106
Displaying the power supply status	107
Checking the physical health of a switch	107
Interpreting port LEDs	109
Displaying port information	110
Administering FICON CUP fabrics	113
Enabling or disabling FMS mode	113
Configuring FMS parameters	114
Displaying the code page information	116
Displaying the Control Device state	116
Configuring CUP port connectivity	117
Displaying CUP port connectivity configurations	117
Creating or editing CUP port connectivity configurations	118
Activating a CUP port connectivity configuration	119
Copying a CUP port connectivity configuration	120
Deleting a CUP port connectivity configuration	120
Administering Fabric Watch	121
Introduction to Fabric Watch	121
Using Fabric Watch with Advanced Web Tools	121
Configuring Fabric Watch thresholds	123
Configuring threshold traits	123
Configuring threshold alarms	124
Enabling or disabling threshold alarms for individual elements	124
Configuring alarms for FRUs	125
Displaying Fabric Watch alarm information	125
Displaying an alarm configuration report	125
Displaying alarms	126
Configuring e-mail notifications	126
Configuring the e-mail server on a switch	126
Configuring the e-mail alert recipient	127
Monitoring performance	129
Monitoring performance using Advanced Web Tools	129
Predefined performance graphs	129
User-defined graphs	131
Canvas configurations	131
Launching the Performance Monitor module	132
Creating a basic Performance Monitor graph	132
Customizing basic Performance Monitor graphs	133
Creating advanced Performance Monitor graphs	134
Creating an SID/DID performance graph	134
Creating a SCSI vs. IP traffic graph	136
Creating a SCSI command graph	136
Creating an AL_PA error graph	137
Managing performance graphs	137
Saving graphs to a canvas	137
Adding a graph to an existing canvas	138
Printing graphs	138
Modifying an existing graph	139
Limitations	141
General Advanced Web Tools limitations	141
Platform-specific limitations	145

Match case Limit results 1 per page

Configuring standard security features

Enabling and disabling RADIUS service

At least one RADIUS server must be configured before you can enable RADIUS service.

Launch the Switch Admin module as described on

page 36

Click the

AAA Service

tab.

To enable RADIUS service, select a RADIUS service from the Primary AAA Service drop-down list,

select

None

Switch Database

from the Secondary AAA Service drop-down list.

To disable RADIUS service, select

Switch Database

from the Primary AAA Service drop-down list and

select

None

from the Secondary AAA Service drop-down list.

Click

Apply

Configuring the RADIUS server

The configuration is chassis-based, so it applies to all logical switches (domains) on the switch and

replicates itself on a standby CP, if one is present. It is saved in a configuration upload, and so it can be

applied to other switches in a configuration download. You should configure at least two RADIUS servers

so that if one fails, the other assumes service.

You can configure the RADIUS server even if it is disabled. You can configure up to five RADIUS servers.

You must be logged in as admin or switchAdmin to configure the RADIUS server.

To configure the RADIUS server

Launch the Switch Admin module as described on

page 36

Click the

AAA Service

tab.

Click

Add

The RADIUS Configuration dialog box opens.

NOTE:

You can configure up to five RADIUS servers. If five RADIUS servers are already configured, the

Add button is disabled.

Enter the RADIUS server name, which is a valid IP address or Dynamic Name Server (DNS) string.

Each RADIUS server must have a unique IP address or DNS name for the RADIUS server.

Optional: Enter the port number.

Optional: Enter the secret string.

Optional: Enter the timeout time in minutes.

Optional: Select an authentication protocol from CHAP or PAP.

The default value is CHAP; if you do not change it, CHAP becomes the authentication protocol.

Click

to return to the AAA Service tab.

10.

Click

Apply

Modifying the RADIUS server

Use the following procedure to change the parameters of a RADIUS server that is already configured.

Launch the Switch Admin module as described on

page 36

Click the

AAA Service

tab.

Click a RADIUS server from the RADIUS Configuration list.

Click

Modify

The RADIUS Configuration dialog box opens.

Enter new values for the port number, secret string, and timeout time (in minutes).

Select an authentication protocol from CHAP or PAP.

The default value is CHAP; if you do not change it, CHAP becomes the authentication protocol.

Click

to return to the AAA Service tab.

Click

Apply