AS5420 and WWPN?

msotomaldonado · ‎12-10-2002

I have tested the 5420 in iSCSI routing and iSCSI transparent routing mode and I have some question regarding security:

a) about WWPns.

Is it possible to determine what WWPN will be assigned to a given IP host when it connects to the AS6420?, it seems that any IP hosts can be assigned any given WWPN (out of the 31 WWPNs available!), so, How am I supposed to implement zoning in my intelligent controller?, is there any way to define what WWPN will be assigned or used by an IP host?? is it always random and not configurable??, if so, how am I suposed to implement security zoning if I can't narrow down the WWPN used by a given IP host??

b) Does the 5420(40) fully support the AAA model?? it seems to me that it only uses the authentication part, what about the Authorization and Accounting bits??

Thanks for any comments about it.

mrfrase · ‎12-10-2002

The transparent mode on the SN5420 works only with the extended PLOGI support on the intelligent controller of your SAN. The extended PLOGI controls the access and controls LUN access. The SN5420 in this mode only checks ip address access list. EMC Volume Logix is the only vendor I know using Extended PLOGI. With extended PLOGI the host name and IP Address is also used along with the WWPN of the 31 WWPN's to uniquely identify the host to the Volume Logix controlling software. This information is then stored on the Volume managing host and is persistent across reboot of host and SAN.

As for AAA, all authorization and authentication through the normal Radius, TACACS+ and local config. There is no accounting functions built into the code of the SN542X but mibs can be pulled to account for usage