Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

MACsec between 2 x Nexus 7K M2 ports

Hi,

I am trying to configure MACsec between three Nexus M2 ports.  once I configure it, my BGP and ISIS neighbors go down.

here is the output of my show cts interface all on one of the switches:

CTS Information for Interface Ethernet1/1:

CTS is enabled, mode: CTS_MODE_MANUAL

IFC state: Unknown

Authentication Status: CTS_AUTHC_INIT

Peer Identity:

Peer is: Unknown in manual mode

802.1x role: CTS_ROLE_UNKOWN

Last Reauthentication:

Authorization Status: CTS_AUTHZ_INIT

PEER SGT: 4

Peer SGT assignment: Trusted

SAP: Status: CTS_SAP_INIT

Configured pairwise ciphers:

Replay protection:

Replay protection mode:

Selected cipher:

Propogate SGT: Disable

here is my config from 2 Nexus switches.

Nexus1:

feature cts

cts device-id ID pasword PASSWORD

interface Eth1/1

cts manual

no propagate-sgt

sap pmk 000000000000000000000000000000009876

Nexus2:

feature cts

cts device-id ID pasword PASSWORD

interface Eth1/1

cts manual

no propagate-sgt

sap pmk 000000000000000000000000000000009876

Any help to get this working would be greatly appreciated.

Thanks

Everyone's tags (3)
338
Views
0
Helpful
0
Replies
CreatePlease to create content