Download the Amazon Direct Connect router configuration file
After you create the virtual interface and the interface state is up, you can download the router configuration file for your router.
If you use any of the following routers for virtual interfaces that have MACsec turned on, we automatically create the configuration file for your router:
-
Cisco Nexus 9K+ Series switches running NX-OS 9.3 or later software
-
Juniper Networks M/MX Series Routers running JunOS 9.5 or later software
Open the Amazon Direct Connect console at https://console.amazonaws.cn/directconnect/v2/home
. -
In the navigation pane, choose Virtual Interfaces.
-
Select the virtual interface and then choose View details.
-
Choose Download router configuration.
-
For Download router configuration, do the following:
-
For Vendor, select the manufacturer of your router.
-
For Platform, select the model of your router.
-
For Software, select the software version for your router.
-
-
Choose Download, and then use the appropriate configuration for your router to ensure that you can connect to Amazon Direct Connect.
-
If you need to manually configure your router for MACsec, use the following table as a guideline.
Parameter Description CKN length This is a 64 hexadecimal character (0–9, A–E) string. Use the full length to maximize cross-platform compatibility. CAK length This is a 64 hexadecimal character (0–9, A–E) string. Use the full length to maximize cross-platform compatibility. Cryptographic algorithm AES_256_CMAC SAK Cipher Suite -
For 100 Gbps connections: GCM_AES_XPN_256
-
For 10 Gbps connections: GCM_AES_XPN_256 or GCM_AES _256
Key Cipher Suite 16 Confidentiality Offset 0 ICV Indicator No SAK Rekey Time PN Rollover> -