Hi all,
We had a RMA on one of our ISR routers, so when getting the new one we uploaded the old config to rebooted the router.
We weren't aware that the route had been configured with the Encrypted Preshared Key feature (https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/sec_secure_connectivity/configuration/guide/2_xe/sec_secure_connectivity_xe_book/sec_encrypt_preshare_xe.html)
The router isn't able to decrypt type 6 keys, and we don't have the master key set with "key config-key password-encryption xxx" command.
Cisco writes in the guide ->
If the old master key is lost or unknown, you have the option of deleting the master key using the no key config-key password-encryption command. Deleting the master key using the no key config-key password-encryption command causes the existing encrypted passwords to remain encrypted in the router configuration. The passwords will not be decrypted.
Does this mean that I'm able to set a new key which the router will use for decryption of type 6 keys?
/Michael