Please consider donating: https://www.corelan.be/index.php/donate/


1,567 views

Connect to an iSCSI SAN from Windows

In a previous post, I’ve shown how to set up a Linux based SAN solution, based upon Fedora Core 6 and the free iSCSI Enterprise Target tool. In this post, I’ll show how to connect to the SAN from Windows

First, make sure you have the Microsoft iSCSI initiatior software loaded onto your system. The components are already available in Longhorn and Vista. Windows 2003 server and XP will require some packages to be installed (which can be found on the Microsoft website). In my example, I’m using Windows Longhorn beta3, but the procedure should be more or less the same from Vista, 2003 server or XP.

Open the Microsoft iSCSI Initiator tool and go to the "discovery" tabsheet. Click "Add portal" and enter the IP address of the Linux box running the SAN emulator.

After clicking OK, you should see the target under the "Targets" tabsheet.

In the "targets" tabsheet, select the target and click "Log on". Make sure the "Automatically restore this connection when the computer starts" checkbox is enabled. This will ensure that the server will connect to the target at system boot time. If the server has a dedicated NIC to the SAN network, you may want to click the "Advanced" button and specify the correct interfaces for this connection.

(Note : this page would also be the place where you can specify CHAP authentication parameters and IPSec tunnel parameters. Be aware though, that I have not tested those on iSCSI Target ànd that using IPSec will put additional load on the network (iSCSI SAN) traffic.

When closing the window, you should see that the status of the connection has now changed to "Connected". Now you are ready to create a volume and mount it as a disk under Windows.

Click "OK" to save and close the Microsoft iSCSI initiator configuration tool.

Go to the Disk Management MMC. You should be prompted about a new Logical Disk that was found on the system.

Choose "MBR" if you’re not sure and press OK. Now you can create a volume, format the disk, and assign a drive letter. Depending on the speed of your network, formatting might take a while. Once the drive is formatted, you can use it as a regular disk in the server.

On the Linux SAN, you should see that it is connected :

user@machine ~]# cat /proc/net/iet/volume
tid:1 name:iqn.2001-04.be.corelan:san1
        lun:0 state:0 iotype:fileio iomode:wt path:/dev/hda3
[user@machine ~]# cat /proc/net/iet/session
tid:1 name:iqn.2001-04.be.corelan:san1
        sid:281475899523136 initiator:iqn.1991-05.com.microsoft:longhorn.corelan.be
                cid:1 ip:192.168.0.3 state:active hd:none dd:none

© 2007 – 2021, Peter Van Eeckhoutte (corelanc0d3r). All rights reserved.

Comments are closed.

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!

Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Protected by Copyscape Web Plagiarism Tool

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

  • Go to our facebook page
  • Browse through the posts and find the invite to Slack
  • Use the invite to access our Slack workspace
  • Categories