Use this command to set access control to the default on a port or ports.
| unauthallowed | (Optional) Specifies when unauthenticated connectivity is allowed. Unauthenticated refers to the port state before MKA is successful (that is, when a port‘s peer does not have MKA enabled or as a non-matching PSK configured). |
| unsecureallowed | (Optional) Specifies when authenticated, but unsecure connectivity, is allowed. Authenticated refers to the port state after MKA is successful (that is, when a port‘s peer does support MKA and has a matching PSK configured). Unsecure refers to the MKA Key server deciding not use MACsec. |
| port-string | (Optional) Port or range of ports. |
The option unauthallowed defaults to never. The option unsercureallowed defaults mkaServer. If neither optioin is specified, the clear applies to both.
If you do not specify a portāstring, the access control setting is applied to all ports.
All command modes.
This example shows how to reset unauthenticated connectivity to the default value for port "ge.1.10":
System(rw)->clear macsec nid unauthallowed ge.1.10
Print
this page
Email this topic
Feedback
View PDF
Download EPUB