Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,
I'm working on MACsec in an industrial context and after a first stage based on static keys (PSK for CAK) I need to automate the key management. This is why I try to understand MKA protocol and 802.1X.
For availabity reason I have never used 802...
Hi all,
I'm trying to configure and use MACsec but the only things I can have are REBOOT !
I've read different document from CISCO (I try to understand, I deduce but I'm never sure about what I do ...), even the good articles from @Tim Glen but my...
i all, I'm facing a CISCO smart switch that seems to reboot and reboot..... Sometimes it works for a few minutes (max) before rebooting. I suspect a power problem but it's been installed for only 4 months, in a cold place (not too cold) and protected...
Hi all, Does anyone have any idea why there are 2 latest firmwares for this product? Today, on the CISCO web site I can read for THE lastest firmware : - 3.1.1.7 - 3.0.0.69 I don't understand.Could you help me ? Thank you
Ok I worked to find my answer and since there is no answer here I deduce that the community does not master the topic.
[From what I understand]The two switches perform an authN with the radius server and they each receive a different MSK. From this M...
Hi,
What I understand from M02@rt37's answer :
Here, considering the link 1-3, S1 will work with KEK1 and S3 with KEK3. I don't understand how S3 will be able to decrypt the aes key sent by S1 and encrypted with KEK1 without knowing KEK1 ?
This shou...
Hi,
The French version is not necessary, as long as you accept my mistakes... but that means you are inferring that I am French from the text! it should be very ..........
Thank for your answer. You confirm my first part about supplicant/authentic...
Hi all,
To close this thread I would like to add my final (and verified) information. On industrial switch offer from CISCO (IE3xxx) MACsec 128 doesn't work until you install the v17.13. Official support team has (finally) recognized they have a lot ...
Hi Tim,
I work with Elliot and we use Rugged serie.
We will update all of our IE3400 to the v17.12 to avoid any problem with official support. I've read documents (from CISCO) about MACsec and very often it mentionned the a licence is required. In my...
