Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

exclude-protocol

Syntax

Hierarchy Level

Description

Specifies protocols whose packets are not secured using Media Access Control Security (MACsec) when MACsec is enabled on a link using static connectivity association key (CAK) security mode.

When this option is enabled in a connectivity association that is attached to an interface, MACsec is not enabled for all packets of the specified protocols that are sent and received on the link.

Default

Disabled.

All packets are secured on a link when MACsec is enabled, with the exception of all types of Spanning Tree Protocol (STP) packets.

Options

protocol-name

Specifies the name of the protocol that should not be MACsec-secured. Options include:

  • cdp—Cisco Discovery Protocol.

  • lacp—Link Aggregation Control Protocol.

  • lldp—Link Level Discovery Protocol.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 13.2X50-D15.

Statement introduced for SRX Series Firewalls in Junos OS Release 15.1X49-D60.