Contents
Software Configuration Guide—Release IOS XE 3.9.xE and IOS 15.2(5)Ex
MACsec 48-4
MACsec, MKA, and 802.1X Host Modes 48-5
Single-Host Mode 48-5
Multiple-Host Mode 48-5
MKA Statistics 48-6
Configuring MACsec and MACsec Key Agreement 48-7
Default MKA MACsec Configuration 48-7
Configuring an MKA Policy 48-7
Configuring MACsec on an Interface 48-8
Configuring MKA Pre-Shared Key 48-10
Example: Connectivity Association Key Rekey 48-10
Understanding MKA MACsec with EAP-TLS 48-11
Prerequisites for MKA MACsec with EAP-TLS 48-11
Limitations for MKA MACsec with EAP-TLS 48-11
Understanding Certificate Enrollment 48-12
Generating RSA Key Pairs 48-13
Configuring Enrollment using SCEP 48-13
Configuring Manual Enrollment 48-14
Configuring MKA MACsec Using EAP-TLS 48-15
Configuring EAP-TLS and 802.1x Credentials 48-15
Configuring an Authentication Policy 48-16
Applying the 802.1x and MKA MACsec Configuration on Interfaces 48-17
Example: MKA MACsec Switch-to-Switch Configuration 48-17
Understanding Cisco TrustSec MACsec 48-19
Configuring Cisco TrustSec MACsec 48-21
Configuring Cisco TrustSec Credentials on the Switch 48-21
Configuring Cisco TrustSec Switch-to-Switch Link Security in 802.1X Mode 48-22
Configuring Cisco TrustSec Switch-to-Switch Link Security in Manual Mode 48-23
Cisco TrustSec Switch-to-Switch Link Security Configuration Example 48-24
Configuring 802.1X Port-Based Authentication 49-1
About 802.1X Port-Based Authentication 49-1
Device Roles 49-2
802.1X and Network Access Control 49-3
Authentication Initiation and Message Exchange 49-4
Ports in Authorized and Unauthorized States 49-4
802.1X Host Mode 49-6
Single-Host Mode 49-7
Multiple-Hosts Mode 49-7
Multidomain Authentication Mode 49-7