Solved: Re: Ooops

n.oneill · ‎12-01-2002

I have configured a PIX VPN for a customer but forgot to make a note of the password.

When I do a 'wr t' all I get is "isakmp key ******** address 0.0.0.0 netmask 0.0.0.0"

Is there anyway I can find out what it's set to? If I put in another key will this one get overwriten?

Thanks

gfullage · ‎12-01-2002

Big ooops.

If you've forgotten the key, you can't just add another one over the top of it cause the PIX will say one already exists for address 0.0.0.0. The only way to do this is to "clear isakmp" which will get rid of ALL the ISAKMP commands in the config, then add them back in.

Probably easier if you cut/paste all the isakmp commands (except this key) into a text file first, then clear them and then paste them all back in.

View solution in original post

gfullage · ‎12-01-2002

Big ooops.

If you've forgotten the key, you can't just add another one over the top of it cause the PIX will say one already exists for address 0.0.0.0. The only way to do this is to "clear isakmp" which will get rid of ALL the ISAKMP commands in the config, then add them back in.

Probably easier if you cut/paste all the isakmp commands (except this key) into a text file first, then clear them and then paste them all back in.

n.oneill · ‎12-02-2002

Thankyou very much.

swraight · ‎12-02-2002

something else you can do is this:

if you have a TFTP server, (I have one running on my PC), then you can send a text file of the configuration to the server. that text file will contain all passwords. here is the command:

pixfw# wr net :/filename.txt

you have to configure your TFTP server first before it will work. you do that by this command:

usage: tftp-server []

n.oneill · ‎12-02-2002

Nice idea

I have managed to sort it already but this could come in useful for the future.

Thanks