Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
6288
Views
5
Helpful
0
Comments

How to encrypt the ISAKMP pre-shared key on the router

TCC_2
Level 10
Level 10

on ‎06-22-2009 06:12 PM

Core issue

By default, the ISAKMP pre-shared key is in plain text on a router so that anybody who looks at the configuration can see it. It can also be encrypted to be hidden from everybody.

Resolution

Issue these commands in the config mode on the router to encrypt the Internet Security Association and Key Management Protocol (ISAKMP) pre-shared key in secure type 6 format in Non-Volatile RAM (NVRAM). These commands were introduced in the Cisco IOS  Software Release 12.3(2)T:

key config-key password-encryption [master key]
password encryption aes

For more information on this issue, refer to Encrypt Pre-shared Keys in Cisco IOS Router Configuration Example.

For additional information, refer to Encrypted Preshared Key.

Labels:
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents