cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1613
Views
0
Helpful
3
Replies
Beginner

Nexus 7000 trunk encryption?

Hi,

I see that the Nexus supports wirespeed aes encryption, however this is in the context of trustsec, which begins at the server/client.

Is it possible to encrypt just the trunk links, without changing the servers? We'd like to encrypt the interDC links.

Thanks everyone!

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Nexus 7000 trunk encryption?

franciscomuniz wrote:

Hi,

I see that the Nexus supports wirespeed aes encryption, however this is in the context of trustsec, which begins at the server/client.

Is it possible to encrypt just the trunk links, without changing the servers? We'd like to encrypt the interDC links.

Thanks everyone!

You can use CTS for point-to-point encryption for your DCI links. Following URL has a configuration example for this:

http://www.ciscopress.com/articles/article.asp?p=1395746&seqNum=7

Keep in mind that it is point-to-point encryption so either you extend Layer-2 between Data Centers or have them connected via dark fibers.

Atif

3 REPLIES 3
Cisco Employee

Re: Nexus 7000 trunk encryption?

franciscomuniz wrote:

Hi,

I see that the Nexus supports wirespeed aes encryption, however this is in the context of trustsec, which begins at the server/client.

Is it possible to encrypt just the trunk links, without changing the servers? We'd like to encrypt the interDC links.

Thanks everyone!

You can use CTS for point-to-point encryption for your DCI links. Following URL has a configuration example for this:

http://www.ciscopress.com/articles/article.asp?p=1395746&seqNum=7

Keep in mind that it is point-to-point encryption so either you extend Layer-2 between Data Centers or have them connected via dark fibers.

Atif

Highlighted
Beginner

Re: Nexus 7000 trunk encryption?

Thanks! Just what I was looking for.

Do you know if it works on L3 (i.e. "no switchport") links?

Just curious, as I can do it like the example in any case.

Cisco Employee

Re: Nexus 7000 trunk encryption?

franciscomuniz wrote:

Thanks! Just what I was looking for.

Do you know if it works on L3 (i.e. "no switchport") links?

Just curious, as I can do it like the example in any case.

I have not used it but I do not see a reason why it should not work with Layer-3 point-to-point links.

Atif

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards