05-01-2001 10:24 AM - edited 03-08-2019 08:11 PM
If a 'person in the middle' has knowledge of the pre-shared secret used to authenticate a VPN tunnel using IPSEC/IKE, could that person potentially decrypt the conversation? Or otherwise use the pre-shared secret to try and duplicate keys?
05-07-2001 07:17 AM
You could establish a new session if using wild cards, but I don't know about decrypting the traffic in the tunnel on the fly.
05-22-2001 06:26 AM
Pre-shared keys are fine but not scalable. From my knowledge, if the key is compromised, it has to be changed immediately on all devices. A safe way is to sign up with a CA. This was recommended by Cisco while I was designing our VPN. Well, the answer to your question is "yes, the security and data are compromised".