Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

mka

Syntax (Junos OS)

Syntax (MX Series)

Syntax (SRX Series Firewalls)

Syntax (Junos OS Evolved)

Hierarchy Level

Description

Specify parameters for the MACsec Key Agreement (MKA) protocol. You initially establish a MACsec-secured link using a pre-shared key when you are using static CAK security mode to enable MACsec. Once matching pre-shared keys are successfully exchanged, the MACsec Key Agreement (MKA) protocol is enabled. The MKA protocol is responsible for maintaining MACsec on the link, and decides which switch on the point-to-point link becomes the key server. The key server then creates an SAK that is shared with the switch at the other end of the point-to-point link only, and that SAK is used to secure all data traffic traversing the link.

Options

The remaining statements are explained separately.

eapol-ethertype-profile eapol-profile-name Apply the profile that sets a custom EtherType for Extensible Authentication Protocol over LAN (EAPoL) to MACsec packets.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 13.2X50-D15.

Statement introduced for SRX Series Firewalls in Junos OS Release 15.1X49-D60.

Option eapol-address introduced in Junos OS Release 18.3R1.

Option bounded-delay introduced in Junos OS Release 21.1R1.

Option eapol-ethertype-profile introduced in Junos OS Evolved Release 25.4R1.

Related Documentation