17. December 2012 · Reveal the Site-to-Site VPN key on an ASA · Categories: Cisco

I've needed to know what the site-to-site VPN key is when reconfiguring a firewall. No one knew what the password was, and I was under the impression that I would have to just reset the password on both ends. Well, I've learned that a command can provide more information without having to reset the VPN key on the other side. If you do a ‘show run’ on the ASA, you will see that you cannot see what the key is. It just gives you an asterisk: *

tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key *

OK, I need that password. So, I've learned that if you do a “more system:/running-config”, it will show you that passkey.
Below is what is displayed when I enter the command:

tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key !Password1!!
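
Because that output shows the key in clear text, any saved copy of it (a backup, a ticket attachment, a pasted snippet) exposes the key too. The following Python script is an added example, not part of the original post: it scans a saved ASA configuration, reports which tunnel-group peers have an unmasked pre-shared key, and masks them. The function name, the sample config and its key value are constructed for illustration, and handling the ikev1/ikev2 key lines of newer ASA releases goes beyond the single form shown above.

```python
import re

# "tunnel-group <peer> ..." lines tell us which peer the following key belongs to.
GROUP_RE = re.compile(r"^\s*tunnel-group (\S+) ")
# Key line as shown on the page, plus the ikev1/ikev2 forms of newer ASA
# releases (handling those is an assumption beyond the page's example).
PSK_RE = re.compile(
    r"^(\s*(?:ikev1 |ikev2 (?:local|remote)-authentication )?pre-shared-key )(\S+)\s*$"
)


def audit_config(text):
    """Return (redacted_text, findings) for a saved ASA configuration.

    findings lists (line_number, peer) for each pre-shared key stored in
    clear text instead of the asterisk mask that 'show run' prints.
    """
    peer, findings, out = None, [], []
    for number, line in enumerate(text.splitlines(), start=1):
        group = GROUP_RE.match(line)
        psk = PSK_RE.match(line)
        if group:
            peer = group.group(1)
        elif psk and set(psk.group(2)) != {"*"}:
            findings.append((number, peer))
            line = psk.group(1) + "*"  # same mask the page shows
        out.append(line)
    return "\n".join(out) + "\n", findings


# Constructed sample: one unmasked key (made-up value) and one masked key.
SAMPLE = """\
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
 pre-shared-key ExampleKey123!
tunnel-group 2.2.2.2 type ipsec-l2l
tunnel-group 2.2.2.2 ipsec-attributes
 ikev1 pre-shared-key *****
"""

if __name__ == "__main__":
    redacted, findings = audit_config(SAMPLE)
    for number, peer in findings:
        print(f"line {number}: clear-text pre-shared key for peer {peer}")
    print(redacted, end="")
```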