Tuesday, December 15, 2020

MACsec encryption from unsupported device to a supported device

So, direct to the point:

I have a stack of Cisco 2960X switches uplinked to a stack of Cisco 9300 core switches. I need to enable encryption; however, it seems the 2960X series switches do not support anything without a separate module (though I don't think there is one? I can't seem to find one).

I'm wondering if I can enable MACsec on the trunk ports on the 9300 using an MKA policy without PSK and not break anything. Would this allow traffic that passes through the uplinks on the 2960X stack to be encrypted on the 9300 stack? Would this pose any issues to where network traffic would be dropped due to the inconsistencies in uplink/trunk config?

Thank you!


