--- Begin Message ---
So it looks SW allows for the commands, as other MX products do have MACsec
support. I am 99.999% sure these commands will do nothing but make your config
file larger.
Thanks for the input. Rich
Richard McGovern
Sr Sales Engineer, Juniper Networks
978-618-3342
I’d rather be lucky than good, as I know I am not good
I don’t make the news, I just report it
On 11/27/19, 11:50 AM, "Aaron Gould" <[email protected]> wrote:
Not knowing much about this, but going from this site's guidance ( I
stopped halfway down the page ) ,
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/macsec-configuring-mx-series.html
...i did the following...
[edit]
me@site2-204-3# show | compare
[edit]
+ security {
+ macsec {
+ connectivity-association my-ca1 {
+ security-mode static-cak;
+ mka {
+ transmit-interval 6000;
+ key-server-priority 0;
+ }
+ replay-protect {
+ replay-window-size 5;
+ }
+ offset 30;
+ pre-shared-key {
+ ckn
37c9c2c45ddd012aa5bc8ef284aa23ff6729ee2e4acb66e91fe34ba2cd9fe311;
+ cak
"$9$9Zp0tBIhSrlM8n/0IhcleaZGD.P5T36/tPfIESr8LVwY4UjfTzn9AF3A0BIrlaZGjmfFn/CA0JGjqP5F3evM8X-oJGDHqLx";
## SECRET-DATA
+ }
+ exclude-protocol lldp;
+ }
+ interfaces {
+ xe-0/1/0 {
+ connectivity-association my-ca1;
+ }
+ }
+ }
+ }
[edit]
me@site2-204-3# commit check
configuration check succeeds
[edit]
me@site2-204-3#
- Aaron
--- End Message ---
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
