Dear experts, I’m trying to get working macsec between Cisco 3850 and Juniper EX4300 without success.
Here the config: Cisco 3850 key chain test macsec key 123ABC cryptographic-algorithm aes-128-cmac ! interface TenGigabitEthernet1/0/21 switchport access vlan 10 switchport mode access cts manual policy static sgt 4 sap pmk 0000000000000000000000000000000000000000000000000000000000123ABC mode-list gcm-encrypt end EX4300 set security macsec connectivity-association test1 security-mode static-cak set security macsec connectivity-association test1 mka key-server-priority 0 set security macsec connectivity-association test1 replay-protect replay-window-size 5 set security macsec connectivity-association test1 pre-shared-key ckn 123ABC set security macsec connectivity-association test1 pre-shared-key cak "$9$-mVb2oAUHkP4oz11Cu0" set security macsec interfaces ge-0/0/21 connectivity-association test1 It remains UP on Juniper side and “not connected” on Cisco side, if the macsec is removed everything is UP. Anyone has already tried and can provide any hint/example config ? Thanks in advance, cheers, James _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/