Hi,
Does anybody have any idea why MACSEC is not configurable on N9K C93180YC-FX 40G (QSFP) port (int Eth1/50)?
MACSEC interface command is configurable on Eth1/47 (10G)port, but NOT on Eth1/50 (40G) port. Both ports are switchports configured as a trunk.
The details are as follows:
Software version:
NXOS: version 9.2(3)
Config:
***
feature macsec
key chain COREKC macsec
key 10
key-octet-string 7 ****** cryptographic-algorithm AES_256_CMAC
send-lifetime 00:00:00 Sep 13 2019 duration 86400
macsec policy MSPOL
cipher-suite GCM-AES-256
key-server-priority 0
window-size 512
conf-offset CONF-OFFSET-0
security-policy should-secure
sak-expiry-time 60
interface Ethernet1/47
macsec keychain COREKC policy MSPOL
***
Issue:
N9K# conf t
Enter configuration commands, one per line. End with CNTL/Z.
N9K(config)# int Eth1/50
N9K(config-if)# macsec
^
% Incomplete command at '^' marker.
N9K(config-if)# macsec ?
*** No matching command found in current mode, matching in (config) mode ***
policy Configure MACSEC policy
shutdown Shutdown / restart macsec
N9K(config-if)# sh int stat
--------------------------------------------------------------------------------
Port Name Status Vlan Duplex Speed Type
--------------------------------------------------------------------------------
Eth1/47 --- connected trunk full 10G SFP-H10GB-CU1M
Eth1/50 --- connected trunk full 40G QSFP-40G-CR4
Any help is appreciated!
Thank in advance
Csabi