cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
605
Views
0
Helpful
0
Replies

Nexus N9K C93180YC-FX switch 40G port MACSEC issue (NX-OS 9.2.3)

csharkay
Level 1
Level 1

Hi,

 

Does anybody have any idea why MACSEC is not configurable on N9K C93180YC-FX  40G (QSFP) port (int Eth1/50)?

MACSEC interface command is configurable on Eth1/47 (10G)port, but NOT on Eth1/50 (40G) port. Both ports are switchports configured as a trunk.

 

The details are as follows:

 

Software version: 

NXOS: version 9.2(3)

 

Config:

***

feature macsec

key chain COREKC macsec
key 10
key-octet-string 7 ****** cryptographic-algorithm AES_256_CMAC
send-lifetime 00:00:00 Sep 13 2019 duration 86400

 

macsec policy MSPOL
cipher-suite GCM-AES-256
key-server-priority 0
window-size 512
conf-offset CONF-OFFSET-0
security-policy should-secure
sak-expiry-time 60


interface Ethernet1/47
macsec keychain COREKC policy MSPOL

***

 

Issue:

N9K# conf t
Enter configuration commands, one per line. End with CNTL/Z.
N9K(config)# int Eth1/50
N9K(config-if)# macsec
^
% Incomplete command at '^' marker.
N9K(config-if)# macsec ?
*** No matching command found in current mode, matching in (config) mode ***
policy Configure MACSEC policy
shutdown Shutdown / restart macsec

 

N9K(config-if)# sh int stat 

--------------------------------------------------------------------------------
Port Name Status Vlan Duplex Speed Type
--------------------------------------------------------------------------------

Eth1/47 ---   connected trunk full 10G SFP-H10GB-CU1M
Eth1/50 ---   connected trunk full 40G QSFP-40G-CR4

 

Any help is appreciated!

Thank in advance

 

Csabi

 

0 Replies 0