Solved

Windows iSCSI Initiator Connection problem

Posted on 2011-09-08
15
4,890 Views
Last Modified: 2012-10-31
Hi,
I am trying to configure iSCSI Initiator on Win2K8/SP2 STD Server on a HP Proliant DL380 G5 h/w with iOmega StorCenter ix4-200D as a target iSCSI device. I have enabled CHAP mutual authentication on iOmega, but I am not getting the connection. I have anotehr similar setup in our second location with a DELL server and the connection is fine there.

I am almost always getting the error msg: "Initiator CHAP secret is Invalid. Maximum size is 16 bytes and the minimum is 12 bytes..." I am using the same CHAP secret that is on the working site.

Where I'm going wrong with this? Is HP the cause?

Thanks, Sharad
0
Comment
Question by:raisharad
  • 6
  • 5
  • 3
  • +1
15 Comments
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36506310
Do you possibly have any other requirements in authentication, such as IP address restriction, or IQN?
0
 

Author Comment

by:raisharad
ID: 36506475
No, nothing of that sort.
I even tried disabling CHAP on iOmega, but no help. I get Authentication Failure on iSCSI Initiator.
For some reason, I don't see "Configuration" tab on my iSCSI initiator. Here is what I see on both servers (incl. DELL which is working though)


Sharad iSCSI Initiator
0
 
LVL 10

Expert Comment

by:BloodRed
ID: 36506580
Double-check the initator names are correct on the storage and host. When you disabled CHAP, did you disable it on the array as well?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:raisharad
ID: 36507173
I even copied and pasted the names but to no help. Yes, I did disable CHAP on both storage and host. Thanks,
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 36507540
CHAP Secret between 12 and 16 characters?
0
 

Author Comment

by:raisharad
ID: 36510152
I treid these secrets and none of them worked:
The2ndiSCSIdev
qazwsxedcrfvtgb

Thanks,
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 36513560
0
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36515063
Does the iOmega unit have a software kit to install that might include a helper/wizard for connectivity, maybe even MPIO settings?  I'm not familiar with the iOmega unit specifically, but many other iSCSI target devices have their own special package to optimize/simplify or enhance the standard initiator.  Example:  Equallogic's HIT KIT includes a discovery piece that includes options for specifying the CHAP credentials, independantly of MS.
0
 

Author Comment

by:raisharad
ID: 36529315
Hi BobintheNoc,
No iOmega does not provide any such tool or utility, but the only difference between the working DELL and HP servers is that HP has HP Network Configuration Utility in the Control Panel, pls see the image. I never used it before but wondering if I need it for iSCSI Initiator. However, I tried checking the iSCSI box and it asks for License that I have to buy from HP.
Please advice,
Thanks, Hp Network Config Utility
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 36533790
0
 
LVL 7

Accepted Solution

by:
BobintheNoc earned 250 total points
ID: 36533946
Are you, by chance, running the HP NIC Teaming Utility?  If so, break/dissolve the teaming functions so that you can run directly.  Typically, with teaming on, you'd see, for two nic interfaces that are teamed, three actual network connections--one representing the team, with all services bound, and the two literal NICs with virtually no services bound.

Teaming, while potentially functional, doesn't necessarily agree with Microsoft's iScsi initiator.  Instead, use MPIO if you need the redundancy/performance, which may be conditional upon the 'iScsi' licensing for the HP NIC.  Also, the iScsi offloading supported by the nc373 won't be accessible or useable for the tcp offloading onto the nic unless you license it.  This can impact performance since tcp checksums would have to be calc'd by the system's cpu.

In the event that you get NOWHERE with this, you might try using a broadcom reference driver and take the HP driver out of the picture.  I think the 373 is broadcom based---verify and use at your own risk.

Lastly, if you're certain you've got your iniator config'd to NOT use Chap, and whatnot, perhaps consider adding in another brand of multiport nic, perhaps an Intel quad port server card that's listed as supported or has the iScsi logo/certification.

0
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36533964
Sounds like you've covered the bases, but just in case since it was asked but not answered:  On the target side, did you disable or verify the status of any IP restriction or IQN restriction?

Perhaps you can generate a configuration file to see that the gui reflects the actual:
To generate an iSCSI configuration report
1.Open Microsoft iSCSI Initiator, and then click the Configuration tab.

2.Click Report.

3.Enter the file name, and then click Save.
0
 

Author Comment

by:raisharad
ID: 36537667
Thanks for your tenacity BobintheNOC,
It appears from your response that I have hit the wall and should take a totally different direction than wasting any more time on getting the current setup to work.

I will still give you some points as you did give me some helpful pointers in your last comments.

Thanks,
Sharad
0
 

Author Closing Comment

by:raisharad
ID: 36537676
I need a totally different approach to the problem...
0
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 36547353
Usually the same personality traits that allow most us to enjoy computing also make it difficult to make the 'cut your losses' decision.  I find myself down the path of "I WILL figure this out" and can spent countless hours on a problem that any 'business' minded person would realize as not worth the effort.

Sometimes, there's an defect or funky configuration that may not be resolveable, even by the folks who designed/built a component.  Those are usually the most annoying--try and try, do everything conceivable and it turns out to be a defect in hardware.

How many workstations in my career have I struggled with for a problem, and then, in the end, decided to simply format and reinstall OS--which'd often correct or resolve the initial problem.

Bottom line, when you go down a path of REASONABLE effort, and have covered your bases in core troubleshooting, it's VERY ACCEPTABLE to throw in a towel and replace/rebuild.  As a consultant, I've learned, over time and trial, that a client would rather have me buy a new $100 Wifi network card rather than spend $300 in troubleshooting time to still end up with a non-functional device.  Of course, I feel guilty in those instances, and don't bill them for full time, but to avoid it, I often offer the scenario in advance.  Same goes with virus/malware recovery on a heavily infected system--sure, I can crawl the machine, reg line by reg line, examine all files, objects, etc, and spend several hours to MAYBE come to a safe conclusion--OR I can definitely format, rebuild, repatch and redeploy in a KNOWN 2 hours.  Heck, sometimes, it's almost cheaper to buy a new business class PC at $400-500 rather than even take the chance.  Were it my OWN PC, of course I'd rebuild, repair since I don't charge myself for my own services, but is it the effective solution for the client?

Sure hope you get that iSCSI connection going.  Have you tried HP support or HP Support Forums?

0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
User Being Logged Out of AD 6 64
SOA*.tmp files 2 40
Windows PE .WIM files WDS issue 4 27
Blocking access to Windows 10 Store on Windows 10 Pro. 5 16
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question