08-19-2020 08:44 AM
Hi
Is it possible to run Trustsec over a 3rd party VPLS / Telco switching service.
Have managed to find options with Macsec for setting authentication to happen in unicast to avoid the transit provider trying to process the eapol messages but cant seem to find anything around Trustsec, does Trustsec broadcast or unicast ?
The transit/3rd party path is non-cisco which would be acting as a switching layer in the middle.
This is on a cisco 3850 switch
Thanks
08-19-2020 09:03 AM
Hi,
Every device in the path, would need to be configured (if supported) to use cts inline tagging, this will ensure the sgt tag is included in each packet. If the devices do not support inline tagging then you can use SXP to transmit the bindings to the end devices.
HTH
08-19-2020 09:05 AM
I have not done with 3rd party :
below guide should help you :
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide