diff options
Diffstat (limited to 'data/templates/macsec/wpa_supplicant.conf.j2')
| -rw-r--r-- | data/templates/macsec/wpa_supplicant.conf.j2 | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/data/templates/macsec/wpa_supplicant.conf.j2 b/data/templates/macsec/wpa_supplicant.conf.j2 index 0ac7cb860..1f7ba16f4 100644 --- a/data/templates/macsec/wpa_supplicant.conf.j2 +++ b/data/templates/macsec/wpa_supplicant.conf.j2 @@ -47,6 +47,12 @@ network={ # 1: Integrity only macsec_integ_only={{ '0' if security.encrypt is vyos_defined else '1' }} + # macsec_csindex: IEEE 802.1X/MACsec cipher suite + # 0 = GCM-AES-128 + # 1 = GCM-AES-256 +{# security.cipher is a mandatory key #} + macsec_csindex={{ '1' if security.cipher is vyos_defined('gcm-aes-256') else '0' }} + {% if security.encrypt is vyos_defined %} # mka_cak, mka_ckn, and mka_priority: IEEE 802.1X/MACsec pre-shared key mode # This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. @@ -83,5 +89,9 @@ network={ # 1..2^32-1: number of packets that could be misordered macsec_replay_window={{ security.replay_window }} {% endif %} + + # macsec_port: IEEE 802.1X/MACsec port - Port component of the SCI + # Range: 1-65534 (default: 1) + macsec_port=1 } |