encrypt pause-frame
encrypt pause-frame
To configure pause frame encryption for Cisco Trusted Security (Cisco TrustSec) on an interface, use the
encrypt pause-frame command. To remove the pause frame encryption, use the no form of this command.
encrypt pause-frame
no encrypt pause-frame
Syntax Description
This command has no arguments or keywords.
Command Default
Enabled on the line cards that support the encryption of pause frames
Command Modes
Cisco TrustSec 802.1X configuration mode (config-if-cts-manual) Cisco TrustSec manual configuration mode
(config-if-cts-dotx1)
Command History
Release
5.2(1)
Usage Guidelines
You must enable flow control on the interface by using the flowcontrol {send | receive} command.
When you enter the no encrypt pause-frame command, the pause frames are sent as unencypted. When you
enter the encrypt pause-frame command, pause frames are sent encrypted over the Cisco TrustSec link.
You cannot enable Cisco TrustSec on interfaces in half-duplex mode. Use the show interface command to
determine if an interface is configured for half-duplex mode.
F1 Series modules, F2 Series modules, F2e Series modules, and the N7K-M132XP-12(L) module support
Note
only clear pause frames. All other M1 Series modules support both secure (encrypted and decrypted) and
clear pause frames.
For the pause frame encryption or decryption configuration to take effect, you must enable and disable
Caution
the interface, which disrupts traffic on the interface.
This command does not require a license.
Examples
This example shows how to decrypt an interface:
switch# configure terminal
switch(config)# interface ethernet 2/2
switch(config-if)# cts dot1x
Cisco Nexus 7000 Series Security Command Reference
280
Modification
This command was introduced.
E Commands