Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

macsec

Syntax

Syntax (SRX Series Firewalls)

Hierarchy Level

Description

Configure Media Access Control Security (MACsec). Media Access Control Security(MACsec) is supported on control and fabric ports of SRX340, SRX345, and SRX4600 devices in chassis cluster mode to secure point-to-point Ethernet links between the peer devices in a cluster. Each point-to-point Ethernet link must be configured independently to secure using MACsec. You can enable MACsec encryption on device-to-device links using static connectivity association key (CAK) security mode.

Options

cluster-control-port <idx>

Specify chassis cluster control interface on which MACsec is enabled.

  • Values: 0.

cluster-data-port interface-name

Specify chassis cluster fabric interface on which MACsec is enabled.

connectivity-association

Create or configure a MACsec connectivity association.

traceoptions

Define MACsec configuration tracing operations.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 13.2X50-D15.

Statement introduced in SRX Series Firewalls in Junos OS Release 15.1X49-D60.