Wired Intelligent Edge

 View Only

  • 1.  Aruba CX 6000 - MAC Sec per port

    Posted Feb 20, 2025 03:26 AM

    Hi,

    We have a customer want to have Aruba CX 6000 and Aruba central, he wants to configure Per-Port mac security to allow only one or two MACs to connect using this port also he is exploring if he can do this using Aruba central instead of using CLI on each switch.

    Also can they add a mac-list for the only permitted macs on a spacific switch without specifiying it per port.

    Does Aruba CX 6000 support these needs? Does Aruba Central Support these needs? Can we have the two senarios ?



  • 2.  RE: Aruba CX 6000 - MAC Sec per port

    Posted Feb 22, 2025 06:03 PM

    I don't think Cx6000 and 6100 switches support MACsec.



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: Aruba CX 6000 - MAC Sec per port

    Posted Feb 23, 2025 06:42 AM

    Hi @DA16

    If I understand you correctly you are asking for port security feature and not traffic encryption (MACsec).

    Here is the link to CLI Bank.

    To restrict access to the port by mac address without RADIUS, the command is "port-access port-security mac-address".

    You will need to use CLI or NetEdit or Multiedit feature in Central or REST API to configure it. No GUI config is available for it.

    For using this feature the best is to get familiar with CLI. Security Guide is good reading on this topic.

    Multiedit or NetEdit will allow you to configure multiple switches in one session. Or if you prefer to use template configuration.

    Best, Gorazd



    ------------------------------
    Gorazd Kikelj
    MVP Guru 2025
    ------------------------------

    Original Message


Related Content