Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


show security macsec connections



Display the status of the active MACsec connections on the device.



Display MACsec connection information for all interfaces on the device.

interface interface-name

(Optional) Display MACsec connection information for the specified interface only.

Required Privilege Level


Output Fields

Table 1 lists the output fields for the show security macsec connections command. Output fields are listed in the approximate order in which they appear.

Table 1: show security macsec connections Output Fields

Field Name

Field Description

Fields for Interface

Interface name

Name of the interface.

CA name

Name of the connectivity association.

A connectivity association is named using the connectivity-association statement when you are enabling MACsec.

Cipher suite

Name of the cipher suite used for encryption.

Key server offset

Offset setting.

The offset is set using the offset statement when configuring the connectivity association when using static connectivity association key (CAK) or dynamic security mode.

Replay protect

Replay protection setting. Replay protection is enabled when this output is on and disabled when this output is off.

You can enable replay protection using the replay-protect statement in the connectivity association.

Outbound secure channels

Displays outgoing packet number.

Inbound secure channels

Displays source identifier and secure associations detail.

Sample Output

show security macsec connections

show security macsec connections (SRX1600 and SRX2300)

Release Information

Command introduced in Junos OS Release 15.1X49-D60.