Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CollabraIT
New Contributor II

Change IPsec tunnel preshared key

How can I change the IPsec tunnel preshared key? It can't be done in the gui. When I edit my tunnel and select the option for preshared key, the field key entry field doesn't appear like it does when creating a new tunnel. Is there a way to do this in the cli? So far I haven't found it.

2 Solutions
ede_pfau

Yes it will.

Ede Kernel panic: Aiee, killing interrupt handler!

View solution in original post

Ede Kernel panic: Aiee, killing interrupt handler!
Toshi_Esumi
SuperUser
SuperUser

7 REPLIES 7
CollabraIT
New Contributor II

From the cli, editing my tunnel in

config vpn ipsec phase1-interface

If I type "set psksecret" and a new key, will that replace the existing preshared key and encode it?

ede_pfau

Yes it will.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Dongfang_Li_FTNT

Yes. it will. 

Toshi_Esumi
SuperUser
SuperUser

Yes, it does.

CollabraIT

Thanks guys.

Toshi_Esumi

With CLI you can even copy and paste the encrypted PSK (ENC) to other phase1-interface without knowing the original PSK. That's how we migrate IPSecs from one FG to another as long as the software version is the same or close enough.

mpandya
Staff
Staff

Yes

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors