12-15-2008 07:02 PM - edited 02-21-2020 03:10 AM
Hi Does anyone know why the tunnel group passwords have been removed from the config. See below
tunnel-group TG_RAS ipsec-attributes
pre-shared-key *
This means that if I try to restore the config I am going to have an * as the preshare key password.
Is there a way to have the preshare key shown as encrypted text?
Many thanks
Solved! Go to Solution.
12-15-2008 08:07 PM
Hi,
Do a "write net tftp_server_ip:filename" and then open the filename from the tftp server. It should be in a non-encrypted format. The encryption is caused by the PIX software.
Regards,
Arul
*Pls rate if it helps*
12-15-2008 08:57 PM
In addition you can also issue more system to show secret keys in plain text of all Ipsec tunnels preshare keys.
The password has not been removed, as far as I know they do show as * but the actual password is there, when you backup config that information will be backed and copied back to fw when restoring config.
asa#more system:running-config
Regards
12-15-2008 10:59 PM
They are not removed. This is more of a security feature to evade the 'over the back' peekers :). You can see/recover the password using multiple ways:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00807f2d37.shtml
Regards
Farrukh
12-15-2008 08:07 PM
Hi,
Do a "write net tftp_server_ip:filename" and then open the filename from the tftp server. It should be in a non-encrypted format. The encryption is caused by the PIX software.
Regards,
Arul
*Pls rate if it helps*
12-15-2008 08:57 PM
In addition you can also issue more system to show secret keys in plain text of all Ipsec tunnels preshare keys.
The password has not been removed, as far as I know they do show as * but the actual password is there, when you backup config that information will be backed and copied back to fw when restoring config.
asa#more system:running-config
Regards
12-15-2008 10:59 PM
They are not removed. This is more of a security feature to evade the 'over the back' peekers :). You can see/recover the password using multiple ways:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00807f2d37.shtml
Regards
Farrukh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide