Cisco Catalyst 4500 Series - Understanding Cisco Trustsec Macsec

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 48 Configuring MACsec Encryption
Understanding Cisco TrustSec MACsec
NhKR9WNrP0onZoHIivDm44CYc3iKS96XSsz7cu4J4HLimhB36tGk6M8jPGyNl4dc
eYYh4H2RSQqJLqy2D9q01uQFecHE5D79byKvVDPd1uSyVLpExg==
Redisplay enrollment request? [yes/no]: No
Switch(config)# end
Switch# configure terminal
Switch(config)# crypto pki import POLESTAR-IOS-CA certificate
Enter the base 64 encoded certificate.
End with a blank line or the word "quit" on a line by itself
!!PASTE THE CERTIFICATE CONTENT AND END WITH ENTER!!
% Router Certificate successfully imported
Switch(config)# policy-map type control subscriber DOT1X_POLICY_RADIUS
Switch(config-event-control-policymap)# event session-started match-all
Switch(config-class-control-policymap)# 10 class always do-until-failure
Switch(config-action-control-policymap)# 10 authenticate using dot1x both
Switch(config-action-control-policymap)# event authentication-failure match-all
Switch(config-class-control-policymap)# 10 class always do-until-failure
Switch(config-action-control-policymap)# 10 terminate dot1x
Switch(config-action-control-policymap)# 20 authentication-restart 7
Switch(config-action-control-policymap)# end
Switch# configure terminal
Switch(config)# eap profile EAPTLS-PROF-IOSCA
Switch(config-eap-profile)# method tls
Switch(config-eap-profile)# pki-trustpoint POLESTAR-IOS-CA
Switch(config-eap-profile)# end
Switch# configure terminal
Switch(config)# dot1x credentials EAPTLSCRED-IOSCA
Switch(config-dot1x-creden)# username catdevice@polestar.cisco.com
Switch(config-dot1x-creden)# pki-trustpoint POLESTAR-IOS-CA
Switch(config-dot1x-creden)# end
Switch# configure terminal
Switch(config)# interface Tengigabitethernet 1/10
Switch(config-if)# shutdown
Switch(config-if)# macsec network-link
Switch(config-if)# authentication periodic
Switch(config-if)# authentication timer reauthenticate 43200
Switch(config-if)# access-session host-mode multi-host
Switch(config-if)# access-session closed
Switch(config-if)# access-session port-control auto
Switch(config-if)# dot1x pae both
Switch(config-if)# dot1x credentials EAPTLSCRED-IOSCA
Switch(config-if)# dot1x supplicant eap profile EAPTLS-PROF-IOSCA
Switch(config-if)# service-policy type control subscriber DOT1X_POLICY_RADIUS
Switch(config-if)# end
Understanding Cisco TrustSec MACsec
Table 48-2 summarizes the Cisco TrustSec features supported on the switch. For more detailed
explanations, see the Cisco TrustSec Switch Configuration Guide:
http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/arch_over.html#wp1054561
