Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CollabraIT
New Contributor

Change IPsec tunnel preshared key

How can I change the IPsec tunnel preshared key? It can't be done in the gui. When I edit my tunnel and select the option for preshared key, the field key entry field doesn't appear like it does when creating a new tunnel. Is there a way to do this in the cli? So far I haven't found it.

2 Solutions
ede_pfau

Yes it will.


Ede


"Kernel panic: Aiee, killing interrupt handler!"

View solution in original post

Ede"Kernel panic: Aiee, killing interrupt handler!"
Toshi_Esumi
SuperUser
SuperUser

5 REPLIES 5
CollabraIT
New Contributor

From the cli, editing my tunnel in

config vpn ipsec phase1-interface

If I type "set psksecret" and a new key, will that replace the existing preshared key and encode it?

ede_pfau

Yes it will.


Ede


"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Toshi_Esumi
SuperUser
SuperUser

Yes, it does.

CollabraIT

Thanks guys.

Toshi_Esumi

With CLI you can even copy and paste the encrypted PSK (ENC) to other phase1-interface without knowing the original PSK. That's how we migrate IPSecs from one FG to another as long as the software version is the same or close enough.

Labels
Top Kudoed Authors