Table of Contents
Advertisement
Virtual Private Networks (VPN)
MACsec
MACsec (Media Access Control Security) is a 802.1ae (Layer2) VPN protocol that can be used to create
a secure MACsec tunnel over a wired Ethernet LAN. The MACsec uses keys to provide multiple
authentications between hosts in a network.
A MACsec tunnel must be tied to a physical interface. You cannot create a MACsec tunnel for a bridge.
Security modes
Two security modes are available for a MACsec tunnel.
Automatic: Uses a pre-shared key to generate association key information, which is
n
periodically rotated through using 802.1x.
Manual: Uses connectivity association key information that is manually entered in the CAK and
n
CKN fields.
Configure a MACsec tunnel
Your TX40 device supports MACsec (Layer 2 Tunneling Protocol).
Required configuration items
n
The local network device to connect to the peer device.
n
When using Manual mode, the connectivity association key and key name.
Web
1. Log into Digi Remote Manager, or log into the local Web UI as a user with full Admin access
rights.
2. Access the device configuration:
Remote Manager:
a. Locate your device as described in
device.
b. Click the Device ID.
c. Click Settings.
d. Click to expand Config.
Local Web UI:
a. On the menu, click System. Under Configuration, click Device Configuration.
The Configuration window is displayed.
3. Click VPN > MACsec.
4. For Add MACsec tunnel, click .
TX40 User Guide
Use Digi Remote Manager to view and manage your
MACsec
611
Advertisement
Table of Contents
