2-380
Catalyst 3750-X and 3560-X Switch Command Reference
OL-29704-01
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands
mac sec
mac sec
To enable 802.1ae Media Access Control Security (MACsec) on an interface, use the macsec interface
configuration command. To disable MACsec on the interface, use the no form of this command.
macsec
no macsec
Syntax Description This command has no arguments or keywords.
Defaults MACsec is disabled.
Command Modes Interface configuration
Command History
Usage Guidelines The interface must be in switchport access mode to see this command.
Entering the macsec interface configuration command puts the interface in the MACsec mode.
Examples This example configures MACsec on an interface:
Switch(config)# interface GigabitEthernet1/0/25
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport mode access
Switch(config-if)# macsec
Switch(config-if)# authentication event linksec fail action authorize vlan 2
Switch(config-if)# authentication host-mode multi-domain
Switch(config-if)# authentication linksec policy must-secure
Switch(config-if)# authentication port-control auto
Switch(config-if)# authentication violation protect
Switch(config-if)# mka policy replay-policy
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# spanning-tree portfast
Switch(config-if)# end
You can verify your setting by entering the show macsec summary privileged EXEC command.
Related Commands
Release Modification
12.2(53)SE2 This command was introduced.
Command Description
show macsec interface
interface-id
Displays MACsec status and statistics for the specified interface.
show macsec summary Displays switch MACsec configuration.
To Next Page
Loading...
Need help?
General