show security macsec connections (SRX)

Syntax

Description

Display the status of the active MACsec connections on the device.

Options

none	Display MACsec connection information for all interfaces on the device.
interface `interface-name`	(Optional) Display MACsec connection information for the specified interface only.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security macsec connections command. Output fields are listed in the approximate order in which they appear.

Table 1: show security macsec connections Output Fields
Field Name	Field Description
Fields for Interface
`Interface name`	Name of the interface.
`CA name`	Name of the connectivity association. A connectivity association is named using the `connectivity-association` statement when you are enabling MACsec.
`Cipher suite`	Name of the cipher suite used for encryption.
`Key server offset`	Offset setting. The offset is set using the `offset` statement when configuring the connectivity association when using static connectivity association key (CAK) or dynamic security mode.
`Replay protect`	Replay protection setting. Replay protection is enabled when this output is `on` and disabled when this output is `off`. You can enable replay protection using the `replay-protect` statement in the connectivity association.
Outbound secure channels	Displays outgoing packet number.
Inbound secure channels	Displays source identifier and secure associations detail.

Sample Output

show security macsec connections
show security macsec connections (SRX1600, SRX2300, and SRX4120)

show security macsec connections

show security macsec connections (SRX1600, SRX2300, and SRX4120)

Release Information

Command introduced in Junos OS Release 15.1X49-D60.

ON THIS PAGE