Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Is it safe to use one pre-share key for hub to spokes connection when using dmvpn

Hello Expert,

I have hub and spoke(s) enviroment using mix of 2811 and 2900 series router

I using DMVPN for my tunnels.

I am think about using one pre-share key thru out the  hub and spokes vpn configuration, but  I unsure about the risk.

Would the above be safe or should i use unique key for each hub to spokes connection ?.

Regards

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Is it safe to use one pre-share key for hub to spokes conne

Hi there,

The main risk of using the same PSK across all connections is that if one is compromised, then all the others are immediately at risk and can easily be compromised too.

At the end of the day, it is up to you/company policy as to whether you are prepared to take that risk.

Many thanks

Jonathan

1 REPLY

Re: Is it safe to use one pre-share key for hub to spokes conne

Hi there,

The main risk of using the same PSK across all connections is that if one is compromised, then all the others are immediately at risk and can easily be compromised too.

At the end of the day, it is up to you/company policy as to whether you are prepared to take that risk.

Many thanks

Jonathan

225
Views
0
Helpful
1
Replies
CreatePlease to create content