cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
165
Views
0
Helpful
1
Replies

Two layer 3 switces, routed interfaces, MACsec security

Hello,

If I have two layer 3 switches on a campus LAN connected to each other with a routed interface on each switch, can I still enable MACsec on both switches and the traffic between the switches would be encrypted?

Being that the switches are connected at layer 3 and MACsec is layer 2, I'm wondering how that works. Is it that the layer 2 frame is encapsulated in the IP packet between the switches?

Thanks.

1 Reply 1

Flavio Miranda
Advisor
Advisor

Hi

  The IP address is the payload of Ethernet frames, so, it will be transparent for Layer 3 communication.  The same way happens between switch and PC. The PC is somehow a layer 3 devices as well as it has IP address and routing table. But, the Macsec works just fine with PC and switches.

 macsecurity.png

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers