Core issue
Once a pre-shared is configured, it is encrypted, and you cannot see it in the running configuration. It is displayed as ********.
Resolution
To view the system configuration in 7.x code without "********", use the command below:
ASA#moresystem://running-config
Alternatively to recover, perform one of the three solutions:
- Upload your configuration to a TFTP server. This is needed because once the configuration is sent to the TFTP server, the pre-shared key and other passwords appear as clear text (instead of ******** , as in the show run command).
To upload your configuration to a TFTP server, issue this command:
ASA#write net [[server_ip]:[filename]]):
Once the file is saved on the TFTP server, you can open it with a text editor and view the passwords in clear text.
- The configuration can also be uploaded to an FTP server. This is the command:
ASA#copy running-config ftp://USERNAME:PASSWORD@ServerIP/
- A copy of the configuration can be saved in clear text on the ASA only. Issue these commands on the Adaptive Security Appliance (ASA) :
ASA#copy run
ASA#more
After performing one of these options, you should be able to see the pre-shared key.
For further information refer to the copy command.