ā01-25-2011 11:54 PM - edited ā03-04-2019 11:12 AM
Hi folk
I got a quick case here where an operator want's a layer 2, ethernet, trunk link between two sites to be encrypted. The endpoints are Cat 6513 running SXF5. Is there some way to encrypt using IOS, a Catalys application module or do I have to look for an appliance?
Regards
Fredrik
ā01-26-2011 12:36 AM
HI Fredik,
You have a few options.
L2TP has been around for a while.
You also have newer solution like Cisco TrustSec (MACsec) Layer which is based on the 802.1AE standard.
MACsec uses 128-bit AES encryption.
http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/config.pdf
I hope it helps.
Regards
GonƧalo
ā03-24-2011 06:08 AM
Hi guys!
Looking for a L2 wan point to point encryption solution, I did some basic research about MACSEC/TRUSTSEC, and I want to confirm with you what I have observed:
-TrustSec is the Cisco implementation for MSCSEC (IEEE 802.1AE).
-TurstSec has been created for a whole solution of encryption, integrity, authentication, where the whole the network is speaking TrustSec. Additionaly, TrustSec works together other sec devices and protocols (NAC, 802.1X, ACS).
-TrustSec could authenticate/authorizate a user or device taging his frame L2.
-Here a brief Solution Overview:
http://www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns1051/solution_overview_c22-591771.html
-->Can someone confirm my perception that TrustSec is a whole solution for L2 encryption, authentication and integrity?
-->Do someone knows a solution (device or protocol) to encrypt a L2 wan point to point (a inter-site L2 trunk for example)??
Best regards,
Carlos Manzo
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: