Hitachi Storage Navigator Modular 2 User Guide

Advanced Functions10–3
Hitachi Storage Navigator Modular 2 User’s Guide
FE80::/64. The last 64 bits of the IPv6 address is referred to as the interface 
identifier. It is derived from the 48-bit Media Access Channel (MAC) address 
of the NIC.
To create the IPv6 interface identifier from the 48-bit (6-byte) Ethernet MAC 
address:
• The hexadecimal digits 0xFF-FE are inserted between the third and 
fourth bytes of the MAC address.
• The Universal/Local bit (the second low-order bit of the first byte of the...

10–4Advanced Functions
Hitachi Storage Navigator Modular 2 User’s Guide
You can view your link local address using the netsh interface ipv6 show 
interface command. When you run this command without any additional 
parameters, a list similar to the following appears:
For more detailed output, you can designate a connection name as a 
command parameter (for example, netsh interface ipv6 show interface 
“Local Area Connection 2). Using the interface parameter (with either 
an interface name or an interface...

Advanced Functions10–5
Hitachi Storage Navigator Modular 2 User’s Guide
To accomplish this, routers “advertise” their presence, various link 
parameters, and various Internet parameters. Routers advertise either 
periodically, or in response to a router solicitation message. Router 
advertisements contain prefixes that are used for on-link determination or 
address configuration, a suggested hop limit value, and other purposes.
If you need to change the contents of a router advertisement for a host...

10–6Advanced Functions
Hitachi Storage Navigator Modular 2 User’s Guide
 
Figure 10-1:  Sample Configuration 1
In this configuration:
• The storage system uses 2000/tcp and 28355/tcp to communicate with 
Navigator 2. If the storage system is connected directly to a computer, 
but cannot communicate through the router, the router can have 
blocked ports. In this case, configure the router to permit 2-way 
communication to ports.
• IPv6 multicasting is used on the local link to search for the storage...

Advanced Functions10–7
Hitachi Storage Navigator Modular 2 User’s Guide
Figure 10-2:  Sample Configuration 2
In this configuration:
• The storage system uses 2000/tcp and 28355/tcp to communicate with 
Navigator 2. If the computer is connected directly to the storage 
system, but cannot communicate through the router, the router can 
have blocked ports. In this case, configure the router to permit 2-way 
communication to ports.
• The computer in which Navigator 2 is installed (Computer A) uses 
23015/tcp...

10–8Advanced Functions
Hitachi Storage Navigator Modular 2 User’s Guide
3. The browser checks that the certificate was issued by a trusted party 
(usually a trusted root CA), that the certificate is still valid and that the 
certificate is related to the site contacted.
4. The browser uses the public key to encrypt a random symmetric 
encryption key and sends it to the server with the encrypted URL 
required as well as other encrypted http data.
5. Navigator 2 decrypts the symmetric encryption key using...

Advanced Functions10–9
Hitachi Storage Navigator Modular 2 User’s Guide
The following shows an example of issuing this command line:
4. Type the following command line to create a certificate signing request 
(CSR):
hcmdssslc req -config C:\Program 
Files\HiCommand\Base\httpsd\sslc\bin\demoCA\sslc.cnf
-new -key c:\ca\httpsdkey.pem -out c:\ca\httpsd.csr
5. Submit the created CSR file (httpsd.csr in the above example) to the 
The following shows an example of issuing this command line:
6. Submit the...

10–10Advanced Functions
Hitachi Storage Navigator Modular 2 User’s Guide
7. To create a self-signed certificate file, type the following command line:
hcmdssslc x509 -in c:\ca\httpsd.csr -out c:\ca
ewcert.pem -reg -signkey
c:\ca\httpsdkey.pem -days 365
c:\ca\httpsd.csr: CSR to CA
c:\ca
ewcert.pem: self-signed certificate
c:\ca\httpsdkey.pem: key file
8. Using a text editor, open the file httpsd.conf in  
\Base\httpsd\conf.
9. Delete the hash sign (#) from the following slanted lines, which are 
commented...

Advanced Functions10–11
Hitachi Storage Navigator Modular 2 User’s Guide
Creating a private key on Solaris or Linux
To create a private key on a Solaris or Linux operating system
1. Create the directory where the private key will be output.
2. Open a command prompt and go to the following directory:  
/Base/httpsd/sslc/bin
3. Type the following command line. The slanted text indicates a bit length 
for the key of 512, 1024, or 2048.
sslc genrsa -out /ca/httpsdkey.pem 
The following shows an example of...

10–12Advanced Functions
Hitachi Storage Navigator Modular 2 User’s Guide
5. Submit the created CSR file (httpsd.csr in the above example) to the 
CA and obtain the signed certificate.
6. To create a self-signed certificate file, type the following command line:
7. Using a text editor, open the file httpsd.conf in  
\Base\httpsd\conf.
8. Delete the hash sign (#) from the following slanted lines, which are 
commented out by default. Change the values of SSLCertificateFile 
and SSLCertificateKeyFile:
a. For...