At least one iSCSI target is configured not to use authentication.

If you are not using CHAP authentication for the iSCSI connections, it can be the reason of the message.

Please refer to the manual of your storage (and hosts) and set up CHAP authentication. Which would change the pen test result. 

@Uehara Y.  Thank you. Will i lose access to the disks if i setup CHAP? How do i go about this? I am using SCv3020 Dell EMC.

After setting up CHAP in both SV320 and hosts, you can access to the disks as you are doing right now.

I haven't done it for SC serires but I think below manual helps understand how to set it up.

https://dell.to/3PVvZQH

@Uehara Y.  Thank you. So i will have to setup CHAP in the SCv3020 fault domains. I have two. Fault domain 1 and fault domain 2. Then i will have to setup the same CHAP in the Vsphere  hosts? Is that correct? i have 4 hosts in my vsphere.

Perhaps waiting for the experienced guy's update in below URL is good but info in https://dell.to/3VrQ56b can also help.

https://dell.to/3hW2JN1

@Uehara Y.  Thank you. Will i lose access to the disks and volumes after i set CHAP. There is this warning message that tells me i will lose access. 

"Changing CHAP settings will cause iSCSI connections between SAN systems using this fault domain to be lost. Use the Configure iSCSI Connection wizard under the Storage Center Actions to re-establish lost connections after changing CHAP settings."

There is no iSCSI connection wizard on my Dell Storage Center dashboard.  How do i re-establish lost connections after changing CHAP settings?

Thank you. Please confirm the order of setting up the CHAP. Because i can see there is the option of setting up the CHAP is vSphere Client 6.7 and also in the SCv3020  Fault domain. Do i setup in the Fault domain first before setting up in the vsphere client?

Thanks.

I would like to configure chap on SCv3020 and on the VMware ESXi hosts as well. For the host i will need to directly access the host using the IP address. Is it acceptable to configure CHAP on scv3020 and hosts only or do i need to configure on vSphere as well?

When configure the CHAP can i expect downtime?  Will the virtual machines that are powered on, will they go off? Should i plan a downtime or maintenance window for this exercise?

Thank you.

What else do i need to on the SCV3020 after configure CHAP?. Is there a wizard i need to run to rescan the storage. There is a message in the Configure CHAP box.

"Changing CHAP settings will cause existing iSCSI connections between SAN systems using this fault domain to be lost. Use the Configure iSCSI connection wizard under Storage Center Actions to reestablish lost connections after changing CHAP settings."

I'm using compellent. Where can i find this option?

If you are not using Raw Device Mapping (I guess so), vSphere has the iSCSI initiators. It means we need to configure CHAP on vSphere.

After setting CHAP on SCv3020, the vSphere host expects to lose connections since SCv3020 starts requesting CHAP authentication but vSphere does not have it. After setting CHAP up on your vSphere (and maybe rescan the storage), the connections should be recovered. However, we should expect a few mins downtime (before completion of the vSphere CHAP settings). If the virtual machines on vSphere (ESXi) do not access to their storage during the downtime, there is no problem.

If you think it is a problem, perhaps leave the system as-it-is is a choice. If the system is in a closed environment, probably the system is intentionally configured without CHAP authentication. 

vSphere initiates storage rescan (not SCv3020).

As Sam said, I also recommend setting CHAP on SCv3020 first. Since it is what I always do when I set up iSCSI (even though it was for Dell Unity, VNX, VNXe storages. I am afraid I don't have any SC storage in my lab env).

Hi @Uehara Y. 

Should i use the rescan storage option in the host configuration setting. There is none that i can see on the SCv020. See below.

From what you are saying it looks like i need to configure the CHAP settings on the vSphere first before i set the CHAP setting on the SCv3020 in order to minimize downtime. Is this the correct order?