10-10-2011 05:28 PM - edited 03-11-2019 02:36 PM
Hi.
I'm in the process of re-working the network at my current place of employ, and I've run into a bit of an issue.
We have a pair of ASA5520 firewalls setup in a very inefficient fashion, and I wish to convert them to an active/passive cluster.
This bit is easy - blow 'em away and start from scratch.
Trouble is, there are a number of configuration option I will need to re-implement (VPN tunnels, remote users etc), and trying to capture the configuation with a simple "show running-config" or "show running-config all" or even "show startup-config" doesn't get me things like the pre-shared-key from the VPN configurations - and I don't know them all, so I can't simply re-enter them.
Is there any way to get a dump of the running (or startup) config which shows the hidden settings like pre-shared keys and OSPF message digest keys?
Thanks.
Solved! Go to Solution.
10-10-2011 05:40 PM
Darren
I have always simply copied the config to a tftp server. This shows the preshared keys in plaintext (not sure about OSPF message digest) but you could also try this -
https://supportforums.cisco.com/docs/DOC-5749#comment-1299
never done it myself but looks like it should work.
Jon
10-10-2011 05:42 PM
Hello Darren,
Use the following command to find that:
- more system:running-config
With this you are going to be able to see the pre-shared keys in clear text.
Hope this helps,
Julio
10-10-2011 05:40 PM
Darren
I have always simply copied the config to a tftp server. This shows the preshared keys in plaintext (not sure about OSPF message digest) but you could also try this -
https://supportforums.cisco.com/docs/DOC-5749#comment-1299
never done it myself but looks like it should work.
Jon
10-10-2011 05:53 PM
jon.marshall wrote:
Darren
I have always simply copied the config to a tftp server. This shows the preshared keys in plaintext (not sure about OSPF message digest) but you could also try this -
https://supportforums.cisco.com/docs/DOC-5749#comment-1299
never done it myself but looks like it should work.
Jon
Jon.
Thanks, but I should have clarified - I can't get the configuration from this to a TFTP server for reasons too complicated to go into - but related to WHY I'm trying to blow the damn thing away and start again from scratch.
The link gave the same solution as Julio's did, and it worked fine - appreciate the input.
Darren
10-10-2011 05:42 PM
Hello Darren,
Use the following command to find that:
- more system:running-config
With this you are going to be able to see the pre-shared keys in clear text.
Hope this helps,
Julio
10-10-2011 05:52 PM
Julio.
Excellent, that one gave me exactly what I needed! Thanks a bunch!
Darren
10-10-2011 05:55 PM
Hello Darren,
I am glad it worked. Hope you have a great day.
Regards,
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide