[j-nsp] MX204 MACsec

Aaron Gould aaron1 at gvtc.com
Wed Nov 27 11:50:07 EST 2019


Not knowing much about this, but going from this site's guidance ( I stopped halfway down the page ) , https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/macsec-configuring-mx-series.html

...i did the following... 

[edit]
me at site2-204-3# show | compare
[edit]
+  security {
+      macsec {
+          connectivity-association my-ca1 {
+              security-mode static-cak;
+              mka {
+                  transmit-interval 6000;
+                  key-server-priority 0;
+              }
+              replay-protect {
+                  replay-window-size 5;
+              }
+              offset 30;
+              pre-shared-key {
+                  ckn 37c9c2c45ddd012aa5bc8ef284aa23ff6729ee2e4acb66e91fe34ba2cd9fe311;
+                  cak "$9$9Zp0tBIhSrlM8n/0IhcleaZGD.P5T36/tPfIESr8LVwY4UjfTzn9AF3A0BIrlaZGjmfFn/CA0JGjqP5F3evM8X-oJGDHqLx"; ## SECRET-DATA
+              }
+              exclude-protocol lldp;
+          }
+          interfaces {
+              xe-0/1/0 {
+                  connectivity-association my-ca1;
+              }
+          }
+      }
+  }

[edit]
me at site2-204-3# commit check
configuration check succeeds

[edit]
me at site2-204-3#



- Aaron



More information about the juniper-nsp mailing list