Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
683
Views
10
Helpful
4
Replies

ASA Crypto and Crypto Description

NIKHIL M K
Level 1
Level 1

‎09-22-2022 07:10 AM

Hi Guys

I would like to copy all cryptos and its description from ASA firewall(we used to same customer name on description). Is there any option?

0 Helpful
4 Replies 4

Rob Ingram
VIP
VIP

‎09-22-2022 07:25 AM

@NIKHIL M K copy to where? to do what with this information?

From the CLI you can run "show run crypto map" to gather the different crypto maps, you'd also probably want "show run tunnel-group" and "show run crypto" and "show run group-policy".

To get the pre-shared key, you'd need to run "more system://running-config", the pre-shared key will now be displayed in cleartext.

NIKHIL M K
Level 1
Level 1
In response to Rob Ingram

‎09-27-2022 07:17 AM

We are changing the ISP. Planning to download tunnel details to an excel then verify the active customer so that we only need to change the peer IP for them.

0 Helpful

Rob Ingram
VIP
VIP
In response to NIKHIL M K

‎09-27-2022 07:22 AM

@NIKHIL M K if you are changing ISP, then you would need to change IP address of your outside interface and the default route next hop IP address. The third party that connects a VPN tunnel to your firewall would need to update their peer IP address to your new ISP IP address.

If you want to document the configuration, use the commands provided above. You could also run "show crypto ikev1 sa" or "show crypto ikev2 sa" and "show crypto ipsec sa peer <ip>" to determine what exact crypto algorithms were used to establish the tunnel.

NIKHIL M K
Level 1
Level 1

‎09-27-2022 08:21 AM

Thank you. I will try this.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card