macsec keychain policy
To apply a MACsec policy on an interface or port channel, use the macsec keychain policy command. To
disable the policy on the interface or the port channel, use the no form of this command.
macsec keychain keychain-name policy policy-name
nomacsec keychain keychain-name policy policy-name
Syntax Description
Specifies the name of the keychain. The maximum
size is 63 alphanumeric characters. It is case sensitive.
keychain-name
Command Default
The system-default-macsec-policy default policy is used.
Command Modes
Interface configuration (config-if)
Command History
ModificationRelease
This command was introduced.8.2(1)
Usage Guidelines
To use this command, you should enable the MKA feature first.
Examples
This example shows how to apply a MACsec policy on an interface:
switch# configure terminal
switch(config)# interface ethernet 11/31
switch(config-if)# macsec keychain k3 policy p1
This example shows how to apply a MACsec policy on a port channel:
switch# configure terminal
switch(config)# interface port 5
switch(config-if)# macsec keychain k3 policy p1
Related Commands
DescriptionCommand
Enables the MKA feature.feature mka
Creates a key or enters the configuration mode of an
existing key.
key
Cisco Nexus 7000 Series Security Command Reference
500
M Commands
macsec keychain policy
To Next Page
Loading...
