ONTAP 9.14.1 commands

vserver iscsi security default

Configure the default authentication settings

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.


This command defines a default iSCSI authentication method for your Vserver. If you do not configure the initiator to use a user-defined authentication method, the system assigns the default authentication method automatically to the initiator. Use the vserver iscsi security create command if you want to configure a user-defined authentication method.

The outbound CHAP user name and password are optional. If you want a bi-directional handshake, provide the outbound user name and you will be prompted for the corresponding password.

You cannot use the same password for inbound and outbound settings.


-vserver <Vserver Name> - Vserver

Specifies the Vserver.

-s, -auth-type {CHAP|deny|none} - Authentication Method

Specifies the authentication type:

  • CHAP - Authenticates using a CHAP user name and password.

  • none - The initiator can access the Vserver without authentication.

  • deny - The initiator cannot access the Vserver.

[-n, -user-name <text>] - Inbound CHAP User Name

Specifies the inbound CHAP user name. CHAP user names can be one to 128 bytes. A null user name is not allowed. If provided, you will be prompted to provide the corresponding inbound CHAP password.

{ [-m, -outbound-user-name <text>] - Outbound CHAP User Name

Specifies the outbound CHAP user name. CHAP user names can be one to 128 bytes. If provided, you will be prompted to enter the corresponding outbound CHAP password.

| [-clear-outbound <true>] - Clear Outbound CHAP Parameters }

Removes the outbound user name and the outbound password information from the default authentication method. After you clear the outbound information, you no longer have a bi-directional handshake.


cluster1::> vserver iscsi security default -vserver vs1 -security chap -user-name bob -outbound-user-name bob_out


Outbound Password:

Sets the default authentication method to CHAP with inbound and outbound user names and passwords.

Top of Page