[j-nsp] [EXT] Re: MX204 MACsec
Anderson, Charles R
cra at wpi.edu
Wed Nov 27 11:53:01 EST 2019
Can you do "show security" and see if there as a message about "unsupported"?
On Wed, Nov 27, 2019 at 10:50:07AM -0600, Aaron Gould wrote:
> Not knowing much about this, but going from this site's guidance ( I stopped halfway down the page ) , https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/macsec-configuring-mx-series.html
>
> ...i did the following...
>
> [edit]
> me at site2-204-3# show | compare
> [edit]
> + security {
> + macsec {
> + connectivity-association my-ca1 {
> + security-mode static-cak;
> + mka {
> + transmit-interval 6000;
> + key-server-priority 0;
> + }
> + replay-protect {
> + replay-window-size 5;
> + }
> + offset 30;
> + pre-shared-key {
> + ckn 37c9c2c45ddd012aa5bc8ef284aa23ff6729ee2e4acb66e91fe34ba2cd9fe311;
> + cak "$9$9Zp0tBIhSrlM8n/0IhcleaZGD.P5T36/tPfIESr8LVwY4UjfTzn9AF3A0BIrlaZGjmfFn/CA0JGjqP5F3evM8X-oJGDHqLx"; ## SECRET-DATA
> + }
> + exclude-protocol lldp;
> + }
> + interfaces {
> + xe-0/1/0 {
> + connectivity-association my-ca1;
> + }
> + }
> + }
> + }
>
> [edit]
> me at site2-204-3# commit check
> configuration check succeeds
>
> [edit]
> me at site2-204-3#
>
More information about the juniper-nsp
mailing list