Anand_Narayana
Explorer
August 21, 2010
Question

How to view Pre-shared Key

Hi, I have set up a site-to-site VPN between 2 FG. I wanted to view the pre-shared key of the VPN tunnel. Is there any way to view that, similar to Cisco PIX/ASA?

    5 replies

    ede_pfau
    SuperUser
    August 21, 2010
    Not that I know of. Not even in the config file. Wouldn't make sense anyway. What about this option with Cisco - wouldn't they see this as a massive security breach?
    Anand_Narayana
    Explorer
    August 22, 2010
    In Cisco, there is no way to view the pre-shared key using the config file, but it can be viewed by typing the "more:system run" command in the CLI. Similarly, I just want to know that in FG. The reason to know this is that my ex-colleague has created several tunnels on the FG and he has updated me on only a few of the pre-shared keys; for the rest he doesn't have any clue as to what the keys might be.
    Carl_Wallmark
    New Member
    August 22, 2010
    You can't view the preshared key, but you can copy them.
    Anand_Narayana
    Explorer
    August 24, 2010
    How to copy then?
    emnoc
    New Member
    August 23, 2010
    If you forgot the PSK, just recreate them on the FG. Cisco gives you the luxury to more the PSK out starting with PIX/ASA code 6.5 and higher, and the keys are in plaintext if you should copy the config through TFTP.
    ede_pfau
    SuperUser
    August 24, 2010
    Just copy the hashes from the config file, strings starting with "ENC". That is, from a config file which itself is un-encrypted = plain text.
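The copy step described in the last reply, as an added example that is not part of any post in the thread: a small parser that lists, per tunnel, the "ENC" string stored in a plain-text config backup so it can be carried over to a replacement tunnel definition. The section name `config vpn ipsec phase1-interface`, the `set psksecret` line layout and the sample config are assumptions constructed for illustration; the ENC values are placeholders, not real keys.

```python
import re

# Constructed sample in the style of an unencrypted config backup.
# The ENC values are placeholders, not real key material.
SAMPLE_CONFIG = '''\
config vpn ipsec phase1-interface
    edit "to-branch-a"
        set interface "wan1"
        set remote-gw 192.0.2.10
        set psksecret ENC PLACEHOLDER-A==
    next
    edit "to-branch-b"
        set remote-gw 192.0.2.20
        set psksecret ENC PLACEHOLDER-B==
    next
end
config system global
    set hostname "fg-lab"
end
'''

SECTION = re.compile(r'^config vpn ipsec phase1(-interface)?$')
EDIT = re.compile(r'^edit "?([^"]+)"?$')
PSK = re.compile(r'^set psksecret (ENC \S+)$')

def psk_lines_by_tunnel(config_text):
    """Return {tunnel name: 'ENC ...' string} for each phase1 entry."""
    found, in_section, tunnel, depth = {}, False, None, 0
    for raw in config_text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = bool(SECTION.match(line))
        elif line.startswith('config '):
            depth += 1                      # nested sub-table inside an entry
        elif line == 'end':
            if depth:
                depth -= 1
            else:
                in_section, tunnel = False, None
        elif depth == 0:
            if line == 'next':
                tunnel = None
            elif EDIT.match(line):
                tunnel = EDIT.match(line).group(1)
            elif tunnel and PSK.match(line):
                found[tunnel] = PSK.match(line).group(1)
    return found

if __name__ == '__main__':
    for name, enc in psk_lines_by_tunnel(SAMPLE_CONFIG).items():
        print(f'{name}: set psksecret {enc}')
```

Tunnels that do not appear in the result have no "ENC" pre-shared key line in the backup, so those are the ones to recreate with a new key.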