MAC Security with Pre-shared Keys
Authentication Limitations
The following limitations apply to the MAC Security (MACsec) with Pre-shared
Keys (PSK) Authentication:
This initial release of MACsec only
implements section point-to-point LANs within a secured network as described in
Clause 7.4 MACsec to
support Infrastructure LANs of the much broader standard outlined in
IEEE802.1X-2010
Port-Based Access Control. All other sections and clauses are not
supported.
Note
MACSec
between customer edges over L2VPN is supported on untagged access
ports.
MACsec is only configurable using CLI commands. There is no SNMP access to the
two MACsec MIBs defined by IEEE: IEEE8021X-PAE-MIB and IEEE8021-SECY-MIB.
MACsec is not supported on ports with stacking enabled.
MACsec is not supported on Extended Edge Switching ports.
Hot swapping LRM/MACsec Adapters is not supported. MACsec must be disabled
before hot swapping.
The LRM/MACsec Adapters cannot be connected across slots on a
stack.
