Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

Preshared keys after PIX OS Upgradation

I have to upgrade the PIX OS from 6.3(1) to 7.X.There are few crypto ( site-site)configs with preshared keys.I remember that I had faced issues on the 1700/2600 old routers when upgrading the IOS, the preshared keys seems to be not working.I used to manually configure the same.Not sure with pix.Since the administrator has forgotten the PRESHARED key, now I cant take any risk on going for the upgradation.Did any one had issues with crypto configs after the code upgradation with PIX 525 ?.

Thanks,

Rajan

5 REPLIES

Re: Preshared keys after PIX OS Upgradation

You can get the preshared key if you do a 'write network' on the PIX (same as copy run tftp on a router).

HTH and please rate.

Silver

Re: Preshared keys after PIX OS Upgradation

Even easier than setting up a TFTP server... If you login to the PIX using ASDM, you can view (in clear text) the preshared keys for a particular tunnel group. Go to Config --> VPN --> General --> Tunnel Group --> Edit Tunnel Group --> IPsec tab --> Pre-Shared Key

Please rate if this helps.

Cisco Employee

Re: Preshared keys after PIX OS Upgradation

Hi,

thanks for all your responses.Yes, write net is an option but I didnt try since 6.3.1 to 7.X is major code change.I could try all these by knowing the preshared keys on hand.

What I need to confirm is " there should not be any issues" after the OS upgradation.If wr net misses the preshared key somehow, I should not be in trouble.Coming to the ASDM part, the code is 6.3(1) which supports pdm only.

Did anyone experienced with the preshared key issues after the upgradtion

Thanks,

Rajan

Re: Preshared keys after PIX OS Upgradation

We don't do any VPN on our PIXes so I can't really comment on it. I would think that if there were a lot of problems with the upgrades and VPN keys, you would hear about it (here, google groups, TAC, etc.)

New Member

Re: Preshared keys after PIX OS Upgradation

I have recently did two upgrades on a couple of PIX 515's running 6.3(4) code and the pre-shared keys stayed in tact. You should be good to go. But as a precaution I would always do a write net before any upgrade.

165
Views
0
Helpful
5
Replies
CreatePlease to create content