Before you begin
Make sure that MACsec is enabled.
SUMMARY STEPS
1. configure terminal
2. interface name
3. eapol mac-address mac_address [ethertype eth_type]
4. eapol mac-address broadcast-address [ethertype eth_type]
5. (Optional) copy running-config startup-config
6. show macsec mka session detail
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Specifies the interface that you are configuring. You can
specify the interface type and identity. For an Ethernet port,
use ethernet slot/port.
interface name
Example:
switch(config)# interface ethernet 1/1
switch(config-if)#
Step 2
Enables the EAPOL configuration on the specified interface
type and identity.
eapol mac-address mac_address [ethertype eth_type]
Step 3
If the ethernet type is not specified, the default
ethernet type of MKA packets, which is 0x888e,
is considered.
Note
Enables the broadcast address as the alternate mac address.eapol mac-address broadcast-address [ethertype
eth_type]
Step 4
Copies the running configuration to the startup
configuration.
(Optional) copy running-config startup-config
Example:
Step 5
switch(config-macseckeychain-macseckey)# copy
running-config startup-config
Displays the EAPOL settings.show macsec mka session detail
Step 6
Disabling EAPOL Configuration
You can disable the EAPOL configuration on any available interface.
SUMMARY STEPS
1. configure terminal
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
512
Configuring MACsec
Disabling EAPOL Configuration
To Next Page
Loading...
