cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1273
Views
0
Helpful
2
Replies

Configuring MACsec on L3 Switches

sangukseo6809
Level 1
Level 1

We have Cisco Catalyst C6807-XL with version 15.4(1)SY3 and C9407R with Version 16.10.2r[FC1].

They are connected over EoMPLS and we like to have MACsec configured on the each trunk interface for a security.

I don't know my switches are supporting MACsec and if they do, What are the basic configuration for MACsec?

You can send me an email to sanguk.seo.hannah@gmail.com

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

On Cat 9K you need Network Advantage License for MACSEC , on older IOS you need Security License.

 

below guide to start :

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-9/configuration_guide/sec/b_169_sec_9300_cg/macsec_encryption.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Michalis111
Level 1
Level 1

Cisco says that on these older switch models like the C6807-XL - MacSec support depends on the modules, the newer ones (C6800-..., WS-X69…) support LAN MacSec, but 128-bit only. IP Service K9 image is needed. The C6807-DNA-A= exists, but I believe this is for SDA - the plain MacSec should be in the IP Services (or higher Adv.Enterprise) image.

Review Cisco Networking for a $25 gift card