Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
676
Views
0
Helpful
5
Replies

ASA firewall recovery configuration from LMS 2.6

umakanthreddy
Level 1
Level 1

ā€Ž03-25-2011 11:44 PM

1.Created new vpn tunnel and added to the configuration and removed the new VPN tunnels  configurations from ASA.

Now my question here is, when i push the changed configuration back to ASA from ciscoworks, will the same pre-shared of the tunnel work.

Thanks in Advance.

Please Help ASAP.

Labels:
0 Helpful
5 Replies 5

Joe Clarke
Cisco Employee
Cisco Employee

ā€Ž03-26-2011 09:32 AM

I assume you mean you're using Config Editor in LMS to make these changes.  In that case, if you deploy using the default Overwrite mode, then yes, the resulting configuration should look exactly like what it looks like in Config Editor.

0 Helpful

umakanthreddy
Level 1
Level 1
In response to Joe Clarke

ā€Ž03-26-2011 11:25 PM

Thanks for the response.

So you mean to say that if i open the changed configuration in config editor mode, then i can see the pre-shared key in clear text or still in ****** format.

Also to be clear to you, We have  created a new VPN tunnel on the ASA box and removed the same tunnel after 1day. Now since Ciscoworks has the Version tree configuration of the new VPN tunnel created.Now can we see the pre-shared key (in clear text) of the New VPN tunnel created in Ciscoworks through config editor.

Thanks in advance.

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to umakanthreddy

ā€Ž03-26-2011 11:39 PM

If the ASA shows the key in clear text mode when you run "show run" then Config Editor will show it in the Credentials pane as "*****".  However, when you click on the "*****" link, you will see the plain text value.  I think the ASA shows the key as "*****", though.  In that case, that's what you will see in Config Editor, and you will not be able to see the clear text value.

0 Helpful

umakanthreddy
Level 1
Level 1
In response to Joe Clarke

ā€Ž03-27-2011 01:23 AM

ASA doesnt show pre-shared key in clear text when you run sh run command.

Can you please tell me what do you mean by "However, when you click on the "*****" link, you will see the plain text value" in your answer.

Thanks in advance.

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to umakanthreddy

ā€Ž03-27-2011 08:45 AM

Some credentials in the config will replaced by stars (e.g. the SNMP community strings).  In the Config Editor window, you will see a Credential pane at the bottom.  The stars in those credentials will be hyperlinks.  If you click on them you can see the clear text credential and change it.

See this screenshot for an example.  Note the SNMP configuration in the bottom Credentials pane.

0 Helpful
Customers Also Viewed These Support Documents