Hello,
I have one 3850 running 03.07.04.E with TrustSec running with another 3850. I am trying to configure the same thing with Catalyst 9300 running 16.9.3.
3850(config-if-cts-manual)#do show run int Te2/1/4
Building configuration...
Current configuration : 273 bytes
!
interface TenGigabitEthernet2/1/4
description L2 EPL GTS DC dark
switchport trunk allowed vlan 2
switchport mode trunk
cts manual
no propagate sgt
sap pmk 00000000000000000000000000000000000000000000000000008A8B8C8D8E8A mode-list gcm-encrypt null no-encap
end
9300(config-if-cts-manual)#$ Interface TenGigabitEthernet2/1/7
Building configuration...
Current configuration : 241 bytes
!
interface TenGigabitEthernet2/1/7
switchport trunk allowed vlan 2
switchport mode trunk
cts manual
no propagate sgt
sap pmk 00000000000000000000000000000000000000000000000000008A8B8C8D8E8A mode-list gcm-encrypt null no-encap
end
On 3850 it seems fine (Te2/1/4 up up) but on 9300 the interface keeps flapping (Te2/1/7 up down) between administratively down, line protocol is down (disabled)and TenGigabitEthernet2/1/7 is up, line protocol is down (notconnect)
I friend of mine told me he had the same problem with Cat 9300 - it doesn't know manual cts and I need to configure policy. Is that true?
I found two bugs (CSCvf66433 and CSCvi91730) but based on the software version I'm running not sure I'm hitting those.