04-17-2012 08:48 AM - edited 02-21-2020 02:48 AM
Use Case:
To use MACSec between 2 Catalyst 3560-X on both sides with a provider network between that is configured for
IEEE 802.1Q Tunneling ?
Since MACSec uses 0x88e5 Frames and the Cisco SAP protocol uses 802.1x for negotiation, can that be
working ?
(I haven't success)
As there anybody who can confirm it can work and it how is done, please tell me.
best regards,
Herbert
01-29-2013 09:29 AM
Yes, you need a device that can tunnel 802.1x via L2PT.
L2PT is not needed in EoMPLS as all control packets pass untouched, this is why EoMPLS works.
07-29-2013 06:43 AM
Hello Eduardo,
reading the config guide of the Nexus 7k
this sounds like the Nexus 7k would tunnel the 802.1x frames as soon as I switch on
interface ethernet xxx
switchport mode dot1q-tunnel
l2protocol-tunnel
Is that true? Or does any other Cisco Device tunnel 802.1x via L2PT? For example the metro switches?
Thank you!
Thorsten
07-29-2013 10:33 AM
That Nexus is only capable of tunneling CDS, STP and VTP.
EoMPLS tunnels all (e.g. 802.1x) without modification to the destination mac-address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide