diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-08-02 11:06:15 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-08-02 11:06:15 +0200 |
commit | 258e6873b60531fe70d868d2e53ce2f921fe7f13 (patch) | |
tree | 02accb29c7cd9c1475a2f12a1a0cd62e32df66e6 | |
parent | ff080c487718506bee0b22155eb1ed725ecb5720 (diff) | |
download | vyos-1x-258e6873b60531fe70d868d2e53ce2f921fe7f13.tar.gz vyos-1x-258e6873b60531fe70d868d2e53ce2f921fe7f13.zip |
macsec: T4537: add mussing macsec_csindex option to support GCM-AES-256
-rw-r--r-- | data/templates/macsec/wpa_supplicant.conf.j2 | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/data/templates/macsec/wpa_supplicant.conf.j2 b/data/templates/macsec/wpa_supplicant.conf.j2 index 0ac7cb860..d2529c50d 100644 --- a/data/templates/macsec/wpa_supplicant.conf.j2 +++ b/data/templates/macsec/wpa_supplicant.conf.j2 @@ -62,6 +62,12 @@ network={ # mka_priority (Priority of MKA Actor) is in 0..255 range with 255 being # default priority mka_priority={{ security.mka.priority }} + + # macsec_csindex: IEEE 802.1X/MACsec cipher suite + # 0 = GCM-AES-128 + # 1 = GCM-AES-256 +{# security.cipher is a mandatory key #} + macsec_csindex={{ '1' if security.cipher is vyos_defined('gcm-aes-256') else '0' }} {% endif %} {% if security.replay_window is vyos_defined %} @@ -83,5 +89,9 @@ network={ # 1..2^32-1: number of packets that could be misordered macsec_replay_window={{ security.replay_window }} {% endif %} + + # macsec_port: IEEE 802.1X/MACsec port - Port component of the SCI + # Range: 1-65534 (default: 1) + macsec_port=1 } |