EasyManuals Logo

Cisco Catalyst 3560-X User Manual

Cisco Catalyst 3560-X
1538 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #377 background imageLoading...
Page #377 background image
1-13
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-25303-03
Chapter 1 Configuring MACsec Encryption
Configuring Cisco TrustSec MACsec
This example shows how to configure Cisco TrustSec authentication in manual mode on an interface:
Switch# configure terminal
Switch(config)# interface tengiigabitethernet 1/1/2
Switch(config-if)# cts manual
Switch(config-if-cts-manual)# sap pmk 1234abcdef mode-list gcm-encrypt null no-encap
Switch(config-if-cts-manual)# no propagate sgt
Switch(config-if-cts-manual)# exit
Switch(config-if)# end
Step 4
sap pmk key [mode-list mode1 [mode2 [mode3
[mode4]]]]
(Optional) Configures the SAP pairwise master key (PMK) and
operation mode. SAP is disabled by default in Cisco TrustSec
manual mode.
key—A hexadecimal value with an even number of characters
and a maximum length of 32 characters.
The SAP operation mode options:
gcm-encrypt—Authentication and encryption
Note Select this mode for MACsec authentication and
encryption if your software license supports MACsec
encryption.
gmac—Authentication, no encryption
no-encap—No encapsulation
null—Encapsulation, no authentication or encryption
Note If the interface is not capable of data link encryption,
no-encap is the default and the only available SAP
operating mode. SGT is not supported.
Step 5
no propagate sgt Use the no form of this command when the peer is incapable of
processing a SGT. The no propagate sgt command prevents the
interface from transmitting the SGT to the peer and is required in
manual mode.
Step 6
exit Exits Cisco TrustSec 802.1X interface configuration mode.
Step 7
end Returns to privileged EXEC mode.
Step 8
show cts interface [interface-id | brief |
summary]
(Optional) Verify the configuration by displaying
TrustSec-related interface characteristics.
Step 9
copy running-config startup-config (Optional) Saves your entries in the configuration file.
Command Purpose

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General IconGeneral
Enclosure TypeRack-mountable - 1U
SubtypeGigabit Ethernet
Ports48 x 10/100/1000 + 4 x SFP
Flash Memory64 MB
Power DeviceInternal power supply
Voltage RequiredAC 120/230 V (50/60 Hz)
Operating SystemCisco IOS
Device TypeSwitch
PerformanceSwitching capacity: 128 Gbps
Jumbo Frame SupportYes
Routing ProtocolRIP-1, RIP-2, EIGRP
Remote Management ProtocolSNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
FeaturesDHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
StackingStackable
Security FeaturesSSH, RADIUS, TACACS+
ManagementCLI
Dimensions (H x W x D)17.5 in
Operating Temperature32 to 113 °F (0 to 45 °C)
Humidity10 - 95% (non-condensing)

Related product manuals