MACsec (Media Access Control Security) is based on 802.1AE and 802.1X protocol on the LAN security communication method.

The EAP protocol packet in the MACsec session negotiation process is a BPDU packet.

IEEE Std 802.1X-2010 Clause 11 describes the MAC format of the EAP protocol packets, as shown in the following figure:

From the packet captures the stp bpdu packet destination MAC was different from the 0180-c200-0003 which is required for the negotiation of MACsec.

From the capture we only can see the packets sent by switch1 . The dumb switch didn’t forward them . The packet  was lost in the dumb switch . 
Our switch sends by default the packet at each 2s. If the dumb switch would forward the packet there should be another packet between 1-4 .

MACsec negotiation needs the BPDU packets in this process and we suspected that the dumb switch droped the BPDU packets as a default behavior when there is no configuration.
That’s why, it’s required to configure the l2protocol-tunnel  to transport the packets.

For BPDUs, the destination MAC is  0180-c200-0003

First solution and recommended one:

In system-view apply this command on both switches :

l2protocol-tunnel user-defined-protocol test1 protocol-mac 0180-c200-0003  group-mac 0100-0008-0008

on interface view apply those commands：

interface GigabitEthernet0/0/34
port link-type access
port default vlan 10
l2protocol-tunnel user-defined-protocol test1 enable

Second solution if l2protocol-tunnel cannot be configured on the directly connected to end-switches : 

After connecting the G0/0/3 to the dumb switch and applied l2tp configuration on G0/0/2 which is connected to G0/0/1( L3 interface) then the MACsec connection could be established but this scenario is not recommended and needs to be tested with precautions.