Hi Does anyone know why the tunnel group passwords have been removed from the config. See below
tunnel-group TG_RAS ipsec-attributes
This means that if I try to restore the config I am going to have an * as the preshare key password.
Is there a way to have the preshare key shown as encrypted text?
They are not removed. This is more of a security feature to evade the 'over the back' peekers :). You can see/recover the password using multiple ways:
In addition you can also issue more system to show secret keys in plain text of all Ipsec tunnels preshare keys.
The password has not been removed, as far as I know they do show as * but the actual password is there, when you backup config that information will be backed and copied back to fw when restoring config.
Do a "write net tftp_server_ip:filename" and then open the filename from the tftp server. It should be in a non-encrypted format. The encryption is caused by the PIX software.
*Pls rate if it helps*