ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

How to encrypt the ISAKMP pre-shared key on the router

4702
Views
5
Helpful
0
Comments

Core issue

By default, the ISAKMP pre-shared key is in plain text on a router so that anybody who looks at the configuration can see it. It can also be encrypted to be hidden from everybody.

Resolution

Issue these commands in the config mode on the router to encrypt the Internet Security Association and Key Management Protocol (ISAKMP) pre-shared key in secure type 6 format in Non-Volatile RAM (NVRAM). These commands were introduced in the Cisco IOS  Software Release 12.3(2)T:

key config-key password-encryption [master key]
password encryption aes

For more information on this issue, refer to Encrypt Pre-shared Keys in Cisco IOS Router Configuration Example.

For additional information, refer to Encrypted Preshared Key.