The master passphrase feature allows you to securely store plain text passwords in encrypted format. The master passphrase provides a key that is used to universally encrypt or mask all passwords, without changing any functionality. Passwords that take advantage of this feature include:
VPN load balancing
VPN (remote access and site-to-site)
If failover is enabled but no failover shared key is set, then changing the master passphrase displays an error message, informing you that a failover shared key must be entered to protect the master passphrase changes from being sent as plain text.
This procedure will only be accepted in a secure session, for example by console, SSH or ASDM via HTTPS.
Note:You must know the current master passphrase to disable it.This procedure will only be accepted in a secure session, for example by console, SSH or ASDM via HTTPS.
hostname(config)# no key config-key password-encryption
Warning! You have chosen to revert the encrypted passwords to plain text. This
operation will expose passwords in the configuration and therefore exercise caution
while viewing, storing, and copying configuration.
Old key: try2attack
hostname(config)# write memory
Note: If the master passphrase is lost or unknown, it could be removed by using the write erase command followed by the reload command. This removes the master key along with the configuration containing the encrypted passwords.
In CLI on ASA 5555-X I cannot figure out which command to use to see the "isakmp keepalive threshold" value set on a tunnel. I know the default is "threshold 10 retry 2" but I want to see if it has been changed on a specific tunnel and I seem to get every...
Hardware: ASAv30Cisco Adaptive Security Appliance Software Version 9.9(2)1 Whenever I try to enter any show run command, for example "show run" or "show run access-list", the CLI terminal hangs up without generating any output and I have to close the...
Hello, I am trying to configure cisco anyconnect VPN on ASA Firewall to enforce a 2fa for the users. I am following a beautiful article posted here in the forums with detailed steps (you can find the link below at the end of this post) however, ...
Hello for everybody. Is it possible to clear all nat counters on cisco asa 5515-x? Auto NAT Policies (Section 2)1 (inside2) to (outside_nat) source static obj-10.18.8.200 interface service tcp www 83translate_hits = 600, untranslate_hits = 31&nb...
So i was testing a new ACL and DACL, and notice that when made a shut and no shut, on the port where my lab host was at the machine would lose its DHCP Adress, but after 10 secones it would regain the IP and then 1 sec later lose it again. &nbs...