I’ve been given a 1G EPL from Comcast that runs from our DC to our co-location. MetroE is pretty new to me, and for the life of me I could not set up IPSec over the top of this link in the traditional manner using a Palo 3020 on each end.
After a bit of research I stumbled upon MACsec. I was surprised I hadn’t heard of this before but I though it might work in my P2P scenario. However, I’ve been reading conflicting tales about whether it works with QinQ (which is how I believe Comcast to be delivering the service) on a WAN link. I’ve noticed Cisco white papers discussing WAN MACsec, but we’re an HPE-Aruba shop. Not that I can’t work on the Cisco; person holding the purse strings is not a fan to say the least.
I have a couple of 10G HPE-Aruba 3810Ms. They are MACsec capable. I was curious, before repurposing, whether these switches will work?Does the 802.1AE standard encompass the WAN ability, or is this some other Cisco proprietary ability?
Thank you for your help!
No comments:
Post a Comment