I am struggling to find out the possibility if i can make wire rate encryption run between the two Nexus7k switches on a Layer 3 point-to-point link.
Just simple AES encrytion on the layer 3 link.
Pls consider the Nexus 7k are enabled with the relevant security licenses etc.
If this is possible can someonoe pls forward the working sample configuration?
thanks in advance,
This one works for me:
interface ethernet 1/1
|sap pmk 17A57EA11BE57BABE550F7B00B501E modelist gcm-encrypt|
sap pmk 6ADB630F907F19351B19285E276 modelist gcm-encrypt
Please note, the hex number is randomly generated, but has to be the same on both sides.
Do you have any useful commands for verifying that CTS is working?
I have tried "show cts interface ex/y" but it's not very clear.
I would like to see some encrypt/decrypt counters ideally.