SUMMARY STEPS
1. configure terminal
2. feature macsec
3. (Optional) copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Enables MACsec and MKA on the device.feature macsec
Example:
Step 2
switch(config)# feature macsec
Copies the running configuration to the startup
configuration.
(Optional) copy running-config startup-config
Example:
Step 3
switch(config)# copy running-config startup-config
Disabling MACsec
Beginning with Cisco NX-OS Release 9.2(1), disabling the MACsec feature only deactivates this feature and
does not remove the associated MACsec configurations.
Disabling MACsec has the following conditions:
• MACsec shutdown is global command and is not available at the interface level.
• The macsec shutdown, show macsec mka session/summary, show macsec mka session detail, and show
macsec mka/secy statistics commands will display the 'Macsec is shutdown' message. However, the show
macsec policy and show key chain commands will display the output.
• Consecutive MACsec status changes from macsec shutdown to no macsec shutdown and vice versa needs
a 30 seconds time interval in between the status change.
SUMMARY STEPS
1. configure terminal
2. macsec shutdown
3. (Optional) copy running-config startup-config
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
505
Configuring MACsec
Disabling MACsec
To Next Page
Loading...
