01-16-2021 06:20 AM
Had a head scratcher today. This tunnel worked for months without issue. Both sides claim nothing changed.
After various steps, and finally blowing away the entire tunnel config on the ASA side and starting fresh, comparing side by side all other things for a config on a client's router and our ASA firewall, we decided, what the hell, let's change the pre-shared key (even though we had verified on both ends that we matched) to something very simple on both ends.
We changed it to "cisco" and the tunnel worked fine. When we tried to change it to anything else, the authentication failed. Tried another 5-letter lowercase word, would not work. Changing it back to "cisco" works fine. What gives?
01-16-2021 09:31 AM
- So the intended pre-shared key was correctly set on both platforms I guess (?)
- Also make sure that you do not suffer from volatile effects where, for instance, a configuration must be 'sufficiently saved' first. If not working, check and/or post the logs from both platforms pointing to the issue.
M.
01-16-2021 03:11 PM
Hmm, interesting,
I think the password-encryption on one side causes this effect.
Please confirm whether you have configured a feature like this on one side.