You can create an iSCSI initiator group to provide access control for iSCSI targets. Only iSCSI initiators that are members of the initiator group can access the iSCSI targets.
Note: The initiators outside the initiator group cannot access the target if the initiator group for access control is created on the iSCSI target. The existing connections from these initiators will be lost and cannot be recovered until they are added to the initiator group. You must check the current initiator connections and ensure that all the authorized initiators are added to the initiator group before group creation.
Procedure
- Navigate to the vSAN cluster.
- Click the Configure tab.
- Under vSAN, click iSCSI Target Service.
- Click the Initiator Groups tab, and click Add. The New Initiator Group dialog box is displayed.
- Enter a name for the iSCSI initiator group.
- (Optional) To add members to the initiator group, enter the IQN of each member. Use the following format to enter the member IQN:
iqn.YYYY-MM.domain:name
Where:- YYYY = year, such as 2016
- MM = month, such as 09
- domain = domain where the initiator resides
- name = member name (optional)
- Click OK or Create.
What to do next
Add members to the iSCSI initiator group.