Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
663
Views
0
Helpful
0
Replies

MACsec between 2 x Nexus 7K M2 ports

CiscoNutt
Level 1
Level 1

‎08-30-2013 06:29 AM - edited ‎03-07-2019 03:13 PM

Hi,

I am trying to configure MACsec between three Nexus M2 ports.  once I configure it, my BGP and ISIS neighbors go down.

here is the output of my show cts interface all on one of the switches:

CTS Information for Interface Ethernet1/1:

CTS is enabled, mode: CTS_MODE_MANUAL

IFC state: Unknown

Authentication Status: CTS_AUTHC_INIT

Peer Identity:

Peer is: Unknown in manual mode

802.1x role: CTS_ROLE_UNKOWN

Last Reauthentication:

Authorization Status: CTS_AUTHZ_INIT

PEER SGT: 4

Peer SGT assignment: Trusted

SAP: Status: CTS_SAP_INIT

Configured pairwise ciphers:

Replay protection:

Replay protection mode:

Selected cipher:

Propogate SGT: Disable

here is my config from 2 Nexus switches.

Nexus1:

feature cts

cts device-id ID pasword PASSWORD

interface Eth1/1

cts manual

no propagate-sgt

sap pmk 000000000000000000000000000000009876

Nexus2:

feature cts

cts device-id ID pasword PASSWORD

interface Eth1/1

cts manual

no propagate-sgt

sap pmk 000000000000000000000000000000009876

Any help to get this working would be greatly appreciated.

Thanks

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card