好的我有一个实验室设置,我有一个Freenas服务器iscsi设置与Chap设置发现和目标的相互分裂。
以下是要求: 实施CHAP安全性 用于发现的单向CHAP 目标的双向(相互)CHAP
我可以使用两台esxi服务器,Windows 7,Windows 2003,2008和2012进行成功连接和发现
Centos可以看到发现列表,但在尝试连接时:
iscsiadm --mode node --targetname iqn.2015.lab.com:centos --portal 192.168.1.60:3260 --login
终端输出:
no records found
这是我的iscsid.conf,我把评论留在Chap部分,但是把它删除了,因为它太大了:
iscsid.startup = /etc/rc.d/init.d/iscsid force-start
node.startup = automatic
node.leading_login = No
# *************
# CHAP Settings
# *************
# To enable CHAP authentication set node.session.auth.authmethod
# to CHAP. The default is None.
node.session.auth.authmethod = CHAP
# To set a CHAP username and password for initiator
# authentication by the target(s), uncomment the following lines:
#node.session.auth.username = group7
#node.session.auth.password = passwordpassword
# To set a CHAP username and password for target(s)
# authentication by the initiator, uncomment the following lines:
node.session.auth.username_in = group7
node.session.auth.password_in = passwordpassword
# To enable CHAP authentication for a discovery session to the target
# set discovery.sendtargets.auth.authmethod to CHAP. The default is None.
discovery.sendtargets.auth.authmethod = CHAP
# To set a discovery session CHAP username and password for the initiator
# authentication by the target(s), uncomment the following lines:
discovery.sendtargets.auth.username = group7
discovery.sendtargets.auth.password = passwordpassword
# To set a discovery session CHAP username and password for target(s)
# authentication by the initiator, uncomment the following lines:
#discovery.sendtargets.auth.username_in = group7
#discovery.sendtargets.auth.password_in = passwordpassword
node.session.timeo.replacement_timeout = 120
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.initial_login_retry_max = 8
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.xmit_thread_priority = -20
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
node.conn[0].iscsi.HeaderDigest = None
node.session.nr_sessions = 1
node.session.iscsi.FastAbort = Yes
感谢任何帮助。谢谢。
答案 0 :(得分:1)
您需要用于会话设置的双向CHAP,但在配置文件中,您已注释掉了定义从启动器到目标的登录的行:
# To set a CHAP username and password for initiator
# authentication by the target(s), uncomment the following lines:
#node.session.auth.username = group7
#node.session.auth.password = passwordpassword