Monday, May 27, 2019

MACSEC - Catalyst to Nexus 9K

Hey guys

Has anyone managed to get a basic MACsec link working from a Catalyst to a Nexus 9K? Both are licensed fine but the configuration differences are throwing me off.

On the Catalyst it's a simple "cts manual" and putting in the key, but the Nexus 9K requires a keychain and policy to be created. I can't find any articles on issues with interoperability or other people with similar problems, so I'm convinced I'm just messing something up in the config.

Both the key chain and the manual entry have the same PSK. From what I can find, the Catalyst (9500) uses AES_128_GCM, which I've matched on the Nexus policy, but the session just stays at initializing.

The Nexus logs just say "waiting for peer" while the Catalyst just flaps.

Has anyone tried this before or seen similar?

Thanks!


