Perform this procedure to view MACsec status.
MACsec status
MACsec encryption status
MACsec encryption cipher suite, if supported on your hardware platform
The associated Connectivity Association (CA) name
Note
If you do not specify a port number, the information on all MACsec capable interfaces is displayed.
enable
show macsec status {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}
show macsec
Note
Slot and port information can differ depending on hardware platform. For more information about specific hardware, see your hardware documentation.
The switch does not support replay protect.
Note
Configuration of a MACsec cipher suite is not supported on all hardware platforms. If you do not see it in your switch output, it is not supported. For more information on the hardware restrictions, see your hardware documentation.
View MACsec status:
Switch:1#show macsec status ==================================================================================================== MACSEC Port Status ==================================================================================================== MACSEC Encryption Replay Replay Encryption Cipher CA MKA-Profile PortId Status Status Protect Protect W'dow Offset Suite Name Name ---------------------------------------------------------------------------------------------------- 1/1 enabled disabled disabled -- none AES-128 SMLTCONN mkapro1 1/2 disabled disabled disabled -- none AES-128 Nil -- 1/3 disabled disabled disabled -- none AES-128 Nil -- 1/4 disabled disabled disabled -- none AES-128 Nil -- 1/5 disabled disabled disabled -- none AES-128 Nil -- 1/6 disabled disabled disabled -- none AES-128 Nil -- 1/7 disabled disabled disabled -- none AES-128 Nil -- 1/8 disabled disabled disabled -- none AES-128 Nil -- 1/9 disabled disabled disabled -- none AES-128 Nil -- 1/10 disabled disabled disabled -- none AES-128 Nil -- 1/11 disabled disabled disabled -- none AES-128 Nil -- 1/12 disabled disabled disabled -- none AES-128 Nil -- 1/13 disabled disabled disabled -- none AES-128 Nil -- --More-- (q = quit)
View MACsec status on port 1/1:
Switch:1>show macsec status 1/1 ======================================================================================================= MACSEC Port Status ======================================================================================================= MACSEC Encryption Replay Replay Encryption Cipher CA MKA-Profile PortId Status Status Protect Protect W'dow Offset Suite Name Name ------------------------------------------------------------------------------------------------------- 1/1 enabled disabled disabled -- none AES-128 SMLTCONN mkaprof1
Display all MACsec information:
Switch:1#show macsec ========================================================================================= MACSEC Connectivity Associations Info ========================================================================================= Connectivity Connectivity AN_Mode / Port Association Name Association Key Hash TxKeyParity Members ----------------------------------------------------------------------------------------- caname33 d4433e901bae92d0cc472706f66cfc18 4AN / odd All 1 out of 1 Total Num of Macsec connectivity associates displayed ============================================================================================= MACSEC Port Status ============================================================================================= MACSEC Encryption Replay Replay Encryption Cipher CA PortId Status Status Protect Protect W'dow Offset Suite Name --------------------------------------------------------------------------------------------- 1/1 disabled disabled disabled -- none AES-128 Nil 1/2 disabled disabled disabled -- none AES-128 Nil 1/3 enabled enabled disabled -- ipv4Offset(30) AES-256 caname33 1/4 enabled enabled disabled -- ipv4Offset(30) AES-128 caname34 1/5 disabled disabled disabled -- none AES-128 Nil 1/6 disabled disabled disabled -- none AES-128 Nil --More-- (q = quit)