Solved: How do I get the Pre-Shared Key in Plain text rather than in XXXXX form when I take backup and what ... - Cisco Community

8380

Views

5

Helpful

10

Replies

How do I get the Pre-Shared Key in Plain text rather than in XXXXX form when I take backup and what is the best tool available to take the backup of my ASA boxes.

1 Accepted Solution

Accepted Solutions

The best tool to backup your ASA configuration is through the ASA Configuration backup tool itself.

ASDM --> Tools --> Backup Configurations --> and choose which files you want to backup

The backup file will be backup and zip, and if you open the zip file, it will contain the configuration files that has the pre-shared key in plain text.

Hope that helps.

View solution in original post

10 Replies 10

The best tool to backup your ASA configuration is through the ASA Configuration backup tool itself.

ASDM --> Tools --> Backup Configurations --> and choose which files you want to backup

The backup file will be backup and zip, and if you open the zip file, it will contain the configuration files that has the pre-shared key in plain text.

Hope that helps.

Thank you for the reply Jennifer,

I tried from the ASDM and the zip file is only showing the Pre-Shared key in Start ( * ). It is not showing up in plain text.

Do you have any information about any other tool like Cisco Works that can help me? Can you tell me the information along with details like version number also?

I have just tested the backup configuration and the zip file that contains the pre-shared key is in the actual plain text format.

What version of ASDM are you running?

Did you back up both the running and start up config as well? Can you double check if it's in plain text? I just did exactly the same and I saw the plain text format of the pre-shared key.

Also if you grab the pre-shared key from command line, it will also show you the plain text.

Here is the example that I have run:

ASA# more system:running-config | b tunnel-group
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key cisco123

I am using ASDM 6.1

I had backup both the running and start up config.

But its not coming up on plain text.

Yes I am able to grab the pre-shared key from command line in plain text.

But I need to have it being done automatically backed up in plain text along with the remaining configuration.

I am using ASDM 6.1.

Please kindly upgrade to the latest version of ASDM that is supported by your ASA. BTW, what is your current ASA version?

Jennifer,

I nearly have 60 ASA firewalls.

They are mostly 5510 and few are 5505 and 5520.

Some are 8.0(3), 8.2(1), 7.2(2).

Please let me know what version supports which ASDM.

Thanks.

Here is the hardware software compatibility matrix for your reference:

http://www.cisco.com/en/US/docs/security/asa/compatibility/asamatrx.html

For all ASA 8.x version, you can use ASDM version 6.4.1

For ASA 7.x version, it is recommended to use ASDM version 5.2.4.

Jennifer,

Thank you for the information.

Great, thank you. Please kindly mark the post as answered so others can learn from your post. Thanks.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card