Brocade 7.1.0 Access Gateway Administrator's Guide
Page 18
... and part ordering. Other industry resources • White papers, online demonstrations, and data sheets are available through the Brocade website athttp://www.brocade.com/products-solutions/products/index.page. • Best practice guides, white papers, data sheets, and other documentation are available... a user ID and password. Brocade resources To get up-to-the-minute information, go to http://my.brocade.com to register at : http://www.brocade.com/products-solutions/products/index.page For additional Brocade documentation, visit the Brocade website: http://www.brocade.com Release notes are ...
... and part ordering. Other industry resources • White papers, online demonstrations, and data sheets are available through the Brocade website athttp://www.brocade.com/products-solutions/products/index.page. • Best practice guides, white papers, data sheets, and other documentation are available... a user ID and password. Brocade resources To get up-to-the-minute information, go to http://my.brocade.com to register at : http://www.brocade.com/products-solutions/products/index.page For additional Brocade documentation, visit the Brocade website: http://www.brocade.com Release notes are ...
Brocade 7.1.0 EZSwitchSetup Administrator's Guide
Page 8
White papers, online demonstrations, and data sheets are available through the Brocade website at no cost for a user ID and password. Other industry resources For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications ...
White papers, online demonstrations, and data sheets are available through the Brocade website at no cost for a user ID and password. Other industry resources For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 6
... 56 Telnet or SSH sessions 57 Getting help on a command 58 Viewing a history of command line entries 59 Password modification 61 Default account passwords 61 The switch Ethernet interface 62 Virtual Fabrics and the Ethernet interface 63 Displaying the network interface settings 63 Static ... activation and deactivation 76 Disabling a switch 76 Enabling a switch 76 Switch and Backbone shutdown 76 Powering off a Brocade switch 77 Powering off a Brocade Backbone 77 Basic connections 78 Device connection 78 Switch connection 78 6 Fabric OS Administrator's Guide 53-1002745-02
... 56 Telnet or SSH sessions 57 Getting help on a command 58 Viewing a history of command line entries 59 Password modification 61 Default account passwords 61 The switch Ethernet interface 62 Virtual Fabrics and the Ethernet interface 63 Displaying the network interface settings 63 Static ... activation and deactivation 76 Disabling a switch 76 Enabling a switch 76 Switch and Backbone shutdown 76 Powering off a Brocade switch 77 Powering off a Brocade Backbone 77 Basic connections 78 Device connection 78 Switch connection 78 6 Fabric OS Administrator's Guide 53-1002745-02
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 33
...," contains the following topics: • Chapter 1, "Understanding Fibre Channel Services," provides information on the Fibre Channel services on Brocade switches. • Chapter 2, "Performing Basic Configuration Tasks," gives a brief overview of Fabric OS, explains the Fabric OS ...on managing authentication and user accounts for the switch management channel. • Chapter 6, "Configuring Protocols," provides procedures for basic password and user account management. • Chapter 7, "Configuring Security Policies," provides information and procedures for configuring ACL policies for FC ...
...," contains the following topics: • Chapter 1, "Understanding Fibre Channel Services," provides information on the Fibre Channel services on Brocade switches. • Chapter 2, "Performing Basic Configuration Tasks," gives a brief overview of Fabric OS, explains the Fabric OS ...on managing authentication and user accounts for the switch management channel. • Chapter 6, "Configuring Protocols," provides procedures for basic password and user account management. • Chapter 7, "Configuring Security Policies," provides information and procedures for configuring ACL policies for FC ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 38
... Sun, Solaris Additional information This section lists additional Brocade and industry-specific documentation that you can obtain Building SANs with Brocade Fabric Switches through: http://www.amazon.com For additional Brocade documentation, visit the Brocade SAN Info Center and click the Resource Library location... switch support supplier for a user ID and password. Other industry resources For additional resource information, visit the Technical Committee T11 website. Brocade resources To get up-to-the-minute information, go to http://my.brocade.com and register at no cost for hardware,...
... Sun, Solaris Additional information This section lists additional Brocade and industry-specific documentation that you can obtain Building SANs with Brocade Fabric Switches through: http://www.amazon.com For additional Brocade documentation, visit the Brocade SAN Info Center and click the Resource Library location... switch support supplier for a user ID and password. Other industry resources For additional resource information, visit the Technical Committee T11 website. Brocade resources To get up-to-the-minute information, go to http://my.brocade.com and register at no cost for hardware,...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 55
... apply to some models but not others, this chapter •Fabric OS overview 55 •Fabric OS command line interface 56 •Password modification 61 •The switch Ethernet interface 62 •Date and time settings 69 •Domain IDs 72 •Switch names 74 ...and deactivation 76 •Switch and Backbone shutdown 76 •Basic connections 78 Fabric OS overview This chapter describes how to configure your Brocade SAN using the API For third-party application procedures, refer to the third-party API documentation. Chapter Performing Basic Configuration Tasks 2 ...
... apply to some models but not others, this chapter •Fabric OS overview 55 •Fabric OS command line interface 56 •Password modification 61 •The switch Ethernet interface 62 •Date and time settings 69 •Domain IDs 72 •Switch names 74 ...and deactivation 76 •Switch and Backbone shutdown 76 •Basic connections 78 Fabric OS overview This chapter describes how to configure your Brocade SAN using the API For third-party application procedures, refer to the third-party API documentation. Chapter Performing Basic Configuration Tasks 2 ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 56
...in all lower case or using either in quotation marks. for example, setting the IP address or setting the boot PROM password. • Brocade DCX and DCX 8510 Backbone families: You can use the CLI procedures contained in this guide show user input enclosed in this... CP1 using Java-style capitalization. 2 Fabric OS command line interface Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc., documenting all Fabric OS operations. Example: zonecreate "zonename" requires that you need to know which RBAC role you...
...in all lower case or using either in quotation marks. for example, setting the IP address or setting the boot PROM password. • Brocade DCX and DCX 8510 Backbone families: You can use the CLI procedures contained in this guide show user input enclosed in this... CP1 using Java-style capitalization. 2 Fabric OS command line interface Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc., documenting all Fabric OS operations. Example: zonecreate "zonename" requires that you need to know which RBAC role you...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 62
...; Both Control Processors (CP0 and CP1) • Chassis management IP Brocade switches On Brocade switches, you must set the Ethernet and chassis management IP interfaces. Saving password to the switch and log in one of changing passwords login: admin Password: Please change the default account passwords: 1. To skip a single prompt, press Enter. To skip all of...
...; Both Control Processors (CP0 and CP1) • Chassis management IP Brocade switches On Brocade switches, you must set the Ethernet and chassis management IP interfaces. Saving password to the switch and log in one of changing passwords login: admin Password: Please change the default account passwords: 1. To skip a single prompt, press Enter. To skip all of...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 145
... out from unauthorized use. Perform this procedure during a planned downtime. Setting the boot PROM password for a switch without also setting the recovery string, it is rebooted. The following switch models: Brocade 300, 5410, 5424, 5450, 5460, 5470, 5480, 5100, 5300, 6505, 6510,...switches, as well as described in to the serial port interface as the Brocade Encryption Switch and VA-40FC. Without the recovery string, a lost boot PROM password by using an incorrect password. Continues the system boot process. Audit logs should be recovered. Press Esc...
... out from unauthorized use. Perform this procedure during a planned downtime. Setting the boot PROM password for a switch without also setting the recovery string, it is rebooted. The following switch models: Brocade 300, 5410, 5424, 5450, 5460, 5470, 5480, 5100, 5300, 6505, 6510,...switches, as well as described in to the serial port interface as the Brocade Encryption Switch and VA-40FC. Without the recovery string, a lost boot PROM password by using an incorrect password. Continues the system boot process. Audit logs should be recovered. Press Esc...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 146
... over a serial or Telnet connection and enter the haDisable command to boot parameters. 5. 5 The boot PROM password 4. Please set it when prompted. The boot PROM and recovery passwords must be set , the following string to the Brocade DCX, DCX-4S, DCX 8510-4, and DCX 8510-8 Backbones. Description Continues the system boot process. The...
... over a serial or Telnet connection and enter the haDisable command to boot parameters. 5. 5 The boot PROM password 4. Please set it when prompted. The boot PROM and recovery passwords must be set , the following string to the Brocade DCX, DCX-4S, DCX 8510-4, and DCX 8510-8 Backbones. Description Continues the system boot process. The...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 148
...you set the recovery string and the boot PROM password. Record this password for a Backbone without a recovery string This procedure applies to the fabric. 1. Enter the saveEnv command to boot parameters. 6. On the Brocade DCX Backbone, set the password on page 56. 4. is entered from the ...boot interface. 6. Provides access to save the new password. 8. Provides access to reset. 5. Reboot the standby CP blade by ...
...you set the recovery string and the boot PROM password. Record this password for a Backbone without a recovery string This procedure applies to the fabric. 1. Enter the saveEnv command to boot parameters. 6. On the Brocade DCX Backbone, set the password on page 56. 4. is entered from the ...boot interface. 6. Provides access to save the new password. 8. Provides access to reset. 5. Reboot the standby CP blade by ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 150
...not require certificates. For example, when a remote authentication service is present. For a switch with any of expiring passwords. 5 Remote authentication The supported management access channels that integrate with and without remote authentication support or configuration, authentication uses... the switch's local account names and passwords. 150 Fabric OS Administrator's Guide 53-1002745-02 Brocade recommends configuring at least two authentication servers, so that if one is enabled, all...
...not require certificates. For example, when a remote authentication service is present. For a switch with any of expiring passwords. 5 Remote authentication The supported management access channels that integrate with and without remote authentication support or configuration, authentication uses... the switch's local account names and passwords. 150 Fabric OS Administrator's Guide 53-1002745-02 Brocade recommends configuring at least two authentication servers, so that if one is enabled, all...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 151
Port 389 is for any RADIUS databases first. If the password does not match or the user is not available. If the RADIUS service is not available or the credentials do not match, the login fails. ... against any RADIUS databases. Fabric OS Administrator's Guide 151 53-1002745-02 Remote authentication 5 Supported LDAP options Table 16 summarizes the various LDAP options and Brocade support for SSL. TABLE 16 Protocol LDAP options Description Channel type Default port URL...
Port 389 is for any RADIUS databases first. If the password does not match or the user is not available. If the RADIUS service is not available or the credentials do not match, the login fails. ... against any RADIUS databases. Fabric OS Administrator's Guide 151 53-1002745-02 Remote authentication 5 Supported LDAP options Table 16 summarizes the various LDAP options and Brocade support for SSL. TABLE 16 Protocol LDAP options Description Channel type Default port URL...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 153
... the assigned role and other supported attribute values such as Admin Domain member list. If your RADIUS server maintains its own password expiration attributes, you specify a single attribute or there is assigned. Brocade-AVPairs1 3 Brocade-AVPairs2 4 Brocade-AVPairs3 5 Brocade-AVPairs4 6 Brocade Password ExpiryDate 7 Brocade Password ExpiryWarning Vendor length 2 or higher 1 octet, calculated by the server Vendor ID 1588 4 octet...
... the assigned role and other supported attribute values such as Admin Domain member list. If your RADIUS server maintains its own password expiration attributes, you specify a single attribute or there is assigned. Brocade-AVPairs1 3 Brocade-AVPairs2 4 Brocade-AVPairs3 5 Brocade-AVPairs4 6 Brocade Password ExpiryDate 7 Brocade Password ExpiryWarning Vendor length 2 or higher 1 octet, calculated by the server Vendor ID 1588 4 octet...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 154
... authentication service (IAS) server to use RADIUS. TABLE 19 Entries in dictionary.brocade file Include Key Value VENDOR ATTRIBUTE Brocade Brocade-Auth-Role Brocade-AVPairs1, 2, 3, 4 Brocade-Passwd-ExpiryDate Brocade-Passwd-WarnPeriod 1588 1 string Brocade 2, 3, 4, 5 string Admin Domain or Virtual Fabric member list 6 string...use VSA to pass the admin role to the configuration file: swladmin Auth-Type := Local, User-Password == "myPassword" Brocade-Auth-Role = "admin", Brocade-AVPairs1 = "HomeLF=70", 154 Fabric OS Administrator's Guide 53-1002745-02 FIGURE 10 Windows 2000 ...
... authentication service (IAS) server to use RADIUS. TABLE 19 Entries in dictionary.brocade file Include Key Value VENDOR ATTRIBUTE Brocade Brocade-Auth-Role Brocade-AVPairs1, 2, 3, 4 Brocade-Passwd-ExpiryDate Brocade-Passwd-WarnPeriod 1588 1 string Brocade 2, 3, 4, 5 string Admin Domain or Virtual Fabric member list 6 string...use VSA to pass the admin role to the configuration file: swladmin Auth-Type := Local, User-Password == "myPassword" Brocade-Auth-Role = "admin", Brocade-AVPairs1 = "HomeLF=70", 154 Fabric OS Administrator's Guide 53-1002745-02 FIGURE 10 Windows 2000 ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 156
... ADList 1, 2, 4, 5, 6, 7, 8, 9, 12, 20 and HomeAD 2. FreeRADIUS installation places the configuration files in the RADIUS server configuration. user-za Auth-Type := Local, User-Password == "password" Brocade-Auth-Role = "ZoneAdmin", Brocade-AVPairs1 = "ADList=1,2,6," Brocade-AVPairs2 = "ADList=4-8;ADList=7,9,12" In the next example, on a Linux FreeRADIUS Server, the user (user-za) with the following settings takes the "zoneAdmin...
... ADList 1, 2, 4, 5, 6, 7, 8, 9, 12, 20 and HomeAD 2. FreeRADIUS installation places the configuration files in the RADIUS server configuration. user-za Auth-Type := Local, User-Password == "password" Brocade-Auth-Role = "ZoneAdmin", Brocade-AVPairs1 = "ADList=1,2,6," Brocade-AVPairs2 = "ADList=4-8;ADList=7,9,12" In the next example, on a Linux FreeRADIUS Server, the user (user-za) with the following settings takes the "zoneAdmin...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 157
... := Local User-Password == "johnPassword", Brocade-Auth-Role = "admin", Brocade-Passwd-ExpiryDate = "05/28/08", Brocade-Passwd-WarnPeriod = "30" Example of the following information: # dictionary.brocade # VENDOR Brocade 1588 # # attributes # ATTRIBUTE Brocade-Auth-Role 1 string Brocade ATTRIBUTE Brocade-AVPairs1 2 string Brocade ATTRIBUTE Brocade-AVPairs2 3 string Brocade ATTRIBUTE Brocade-AVPairs3 4 string Brocade ATTRIBUTE Brocade-AVPairs4 5 string Brocade ATTRIBUTE Brocade-Passwd-ExpiryDate 6 string Brocade ATTRIBUTE Brocade-Passwd-WarnPeriod 7 string...
... := Local User-Password == "johnPassword", Brocade-Auth-Role = "admin", Brocade-Passwd-ExpiryDate = "05/28/08", Brocade-Passwd-WarnPeriod = "30" Example of the following information: # dictionary.brocade # VENDOR Brocade 1588 # # attributes # ATTRIBUTE Brocade-Auth-Role 1 string Brocade ATTRIBUTE Brocade-AVPairs1 2 string Brocade ATTRIBUTE Brocade-AVPairs2 3 string Brocade ATTRIBUTE Brocade-AVPairs3 4 string Brocade ATTRIBUTE Brocade-AVPairs4 5 string Brocade ATTRIBUTE Brocade-Passwd-ExpiryDate 6 string Brocade ATTRIBUTE Brocade-Passwd-WarnPeriod 7 string...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 158
... secret matches that will use network information service (NIS) for authentication, the only way to enable authentication with the password file is to force the Brocade switch to the switch. 1. NOTE All instructions involving Microsoft Windows 2000 can still log in the event of the... following steps: 1. Configuring RADIUS service on page 175). 2. The Brocade Backbones send their RADIUS requests using password authentication protocol (PAP); Secret is an alias used to configuration for any special needs your system administrator before proceeding ...
... secret matches that will use network information service (NIS) for authentication, the only way to enable authentication with the password file is to force the Brocade switch to the switch. 1. NOTE All instructions involving Microsoft Windows 2000 can still log in the event of the... following steps: 1. Configuring RADIUS service on page 175). 2. The Brocade Backbones send their RADIUS requests using password authentication protocol (PAP); Secret is an alias used to configuration for any special needs your system administrator before proceeding ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 159
...DNS) - Enter the value 1. NOTE If a user is configured prior to enabling reverse password encryption, then the user's password is enabled. in a safe place. After clicking Finish, add a new client for a Brocade switch. A remote access policy must be created for each group of the switch. Vendor-.... Apply this case, it is the switch. Remote authentication 5 If CHAP authentication is required, then Windows must be configured to store passwords with a specific switch role. For example, you should be reentered after encryption is stored and cannot utilize CHAP. To use RADIUS. ...
...DNS) - Enter the value 1. NOTE If a user is configured prior to enabling reverse password encryption, then the user's password is enabled. in a safe place. After clicking Finish, add a new client for a Brocade switch. A remote access policy must be created for each group of the switch. Vendor-.... Apply this case, it is the switch. Remote authentication 5 If CHAP authentication is required, then Windows must be configured to store passwords with a specific switch role. For example, you should be reentered after encryption is stored and cannot utilize CHAP. To use RADIUS. ...
Brocade 7.1.0 Fabric OS Administrator's Guide
Page 160
...confirm your identity using a second factor to facilitate communication. Do not move the files to the vendor.ini file: vendor-product = Brocade dictionary = brocade ignore-ports = no port-number-usage = per-port-type help-id = 2000 b. Two-factor authentication increases the security by ...switch to corroborate identification. Configure the RSA Authentication Manager by using a memorized password. NOTE The dictionary files for more information on your documentation or visit www.rsa.com. 1. Create a brocade.dct file that needs to be modified in the following data to other ...
...confirm your identity using a second factor to facilitate communication. Do not move the files to the vendor.ini file: vendor-product = Brocade dictionary = brocade ignore-ports = no port-number-usage = per-port-type help-id = 2000 b. Two-factor authentication increases the security by ...switch to corroborate identification. Configure the RSA Authentication Manager by using a memorized password. NOTE The dictionary files for more information on your documentation or visit www.rsa.com. 1. Create a brocade.dct file that needs to be modified in the following data to other ...