Many years after the original post but 'service password-encryption' will not hide the isakmp key.Instead, it can be encrypted using a device defined AES key as outlined here: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-...
If it helps anyone else, I was trying to break the boot loop via remote console which didn't work even using PuTTY's Special Command > Break. Connecting locally to the device via console cable allowed the boot loop to be broken straight away. This th...
Even later to the party...despite having the above configuration in place, I don't see a log message in my logging buffer or sent to syslog when the configuration is saved (write memory) on some devices. I expect to see this: %SYS-6-PRIVCFG_ENCRYPT_S...
Hi Trent,
Thanks for coming back to me. So was the resulting behaviour that all sessions were forwarded from the LAC to a separate LNS or were you using the LAC to terminate some sessions (and act as an LNS) but forward others? Perhaps I have misund...