Windows iSCSI Initiator Connection problem

I am trying to configure iSCSI Initiator on Win2K8/SP2 STD Server on a HP Proliant DL380 G5 h/w with iOmega StorCenter ix4-200D as a target iSCSI device. I have enabled CHAP mutual authentication on iOmega, but I am not getting the connection. I have anotehr similar setup in our second location with a DELL server and the connection is fine there.

I am almost always getting the error msg: "Initiator CHAP secret is Invalid. Maximum size is 16 bytes and the minimum is 12 bytes..." I am using the same CHAP secret that is on the working site.

Where I'm going wrong with this? Is HP the cause?

Thanks, Sharad
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Do you possibly have any other requirements in authentication, such as IP address restriction, or IQN?
raisharadAuthor Commented:
No, nothing of that sort.
I even tried disabling CHAP on iOmega, but no help. I get Authentication Failure on iSCSI Initiator.
For some reason, I don't see "Configuration" tab on my iSCSI initiator. Here is what I see on both servers (incl. DELL which is working though)

Sharad iSCSI Initiator
Justin CAWS Solutions ArchitectCommented:
Double-check the initator names are correct on the storage and host. When you disabled CHAP, did you disable it on the array as well?
Ensure Business Longevity with As-A-Service

Using the as-a-service approach for your business model allows you to grow your revenue stream with new practice areas, without forcing you to part ways with existing clients just because they don’t fit the mold of your new service offerings.

raisharadAuthor Commented:
I even copied and pasted the names but to no help. Yes, I did disable CHAP on both storage and host. Thanks,
Greg HejlPrincipal ConsultantCommented:
CHAP Secret between 12 and 16 characters?
raisharadAuthor Commented:
I treid these secrets and none of them worked:

Does the iOmega unit have a software kit to install that might include a helper/wizard for connectivity, maybe even MPIO settings?  I'm not familiar with the iOmega unit specifically, but many other iSCSI target devices have their own special package to optimize/simplify or enhance the standard initiator.  Example:  Equallogic's HIT KIT includes a discovery piece that includes options for specifying the CHAP credentials, independantly of MS.
raisharadAuthor Commented:
Hi BobintheNoc,
No iOmega does not provide any such tool or utility, but the only difference between the working DELL and HP servers is that HP has HP Network Configuration Utility in the Control Panel, pls see the image. I never used it before but wondering if I need it for iSCSI Initiator. However, I tried checking the iSCSI box and it asks for License that I have to buy from HP.
Please advice,
Thanks, Hp Network Config Utility
Greg HejlPrincipal ConsultantCommented:
Are you, by chance, running the HP NIC Teaming Utility?  If so, break/dissolve the teaming functions so that you can run directly.  Typically, with teaming on, you'd see, for two nic interfaces that are teamed, three actual network connections--one representing the team, with all services bound, and the two literal NICs with virtually no services bound.

Teaming, while potentially functional, doesn't necessarily agree with Microsoft's iScsi initiator.  Instead, use MPIO if you need the redundancy/performance, which may be conditional upon the 'iScsi' licensing for the HP NIC.  Also, the iScsi offloading supported by the nc373 won't be accessible or useable for the tcp offloading onto the nic unless you license it.  This can impact performance since tcp checksums would have to be calc'd by the system's cpu.

In the event that you get NOWHERE with this, you might try using a broadcom reference driver and take the HP driver out of the picture.  I think the 373 is broadcom based---verify and use at your own risk.

Lastly, if you're certain you've got your iniator config'd to NOT use Chap, and whatnot, perhaps consider adding in another brand of multiport nic, perhaps an Intel quad port server card that's listed as supported or has the iScsi logo/certification.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sounds like you've covered the bases, but just in case since it was asked but not answered:  On the target side, did you disable or verify the status of any IP restriction or IQN restriction?

Perhaps you can generate a configuration file to see that the gui reflects the actual:
To generate an iSCSI configuration report
1.Open Microsoft iSCSI Initiator, and then click the Configuration tab.

2.Click Report.

3.Enter the file name, and then click Save.
raisharadAuthor Commented:
Thanks for your tenacity BobintheNOC,
It appears from your response that I have hit the wall and should take a totally different direction than wasting any more time on getting the current setup to work.

I will still give you some points as you did give me some helpful pointers in your last comments.

raisharadAuthor Commented:
I need a totally different approach to the problem...
Usually the same personality traits that allow most us to enjoy computing also make it difficult to make the 'cut your losses' decision.  I find myself down the path of "I WILL figure this out" and can spent countless hours on a problem that any 'business' minded person would realize as not worth the effort.

Sometimes, there's an defect or funky configuration that may not be resolveable, even by the folks who designed/built a component.  Those are usually the most annoying--try and try, do everything conceivable and it turns out to be a defect in hardware.

How many workstations in my career have I struggled with for a problem, and then, in the end, decided to simply format and reinstall OS--which'd often correct or resolve the initial problem.

Bottom line, when you go down a path of REASONABLE effort, and have covered your bases in core troubleshooting, it's VERY ACCEPTABLE to throw in a towel and replace/rebuild.  As a consultant, I've learned, over time and trial, that a client would rather have me buy a new $100 Wifi network card rather than spend $300 in troubleshooting time to still end up with a non-functional device.  Of course, I feel guilty in those instances, and don't bill them for full time, but to avoid it, I often offer the scenario in advance.  Same goes with virus/malware recovery on a heavily infected system--sure, I can crawl the machine, reg line by reg line, examine all files, objects, etc, and spend several hours to MAYBE come to a safe conclusion--OR I can definitely format, rebuild, repatch and redeploy in a KNOWN 2 hours.  Heck, sometimes, it's almost cheaper to buy a new business class PC at $400-500 rather than even take the chance.  Were it my OWN PC, of course I'd rebuild, repair since I don't charge myself for my own services, but is it the effective solution for the client?

Sure hope you get that iSCSI connection going.  Have you tried HP support or HP Support Forums?

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.