MAC Security with Pre-shared Keys Authentication Limitations
The following limitations apply to the MAC Security (MACsec) with Pre-shared Keys (PSK) Authentication:
- This initial release of MACsec only
implements section point-to-point LANs within a secured network as described in
Clause 7.4 MACsec to
support Infrastructure LANs of the much broader standard outlined in
Port-Based Access Control. All other sections and clauses are not
NoteMACSec between customer edges over L2VPN is supported on untagged access ports.
- MACsec is only configurable using CLI commands. There is no SNMP access to the two MACsec MIBs defined by IEEE: IEEE8021X-PAE-MIB and IEEE8021-SECY-MIB.
- MACsec is not supported on ports with stacking enabled.
- MACsec is not supported on Extended Edge Switching ports.
- Hot swapping LRM/MACsec Adapters is not supported. MACsec must be disabled before hot swapping.
- The LRM/MACsec Adapters cannot be connected across slots on a stack.