[rancid] Re: Cisco ASA Backup with Preshared Keys

Todd Heide Todd at equivoice.com
Sun Nov 2 03:40:51 UTC 2008


There is only one way to see the pre-share keys on an ASA. 

 

More system:running-config

 

Not sure how Rancid can do that, but if someone can set it up to issue
that command, then you should be able to back up the VPN keys.

 

From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Keys, Jeremy
Sent: Saturday, November 01, 2008 8:56 AM
To: rancid-discuss at shrubbery.net
Subject: [rancid] Cisco ASA Backup with Preshared Keys

 

I use rancid to backup all of my configurations, including two Cisco ASA
5520's.  The only problem I have run into is that when rancid backs up
the configs on the ASA, the actual preshared keys are displayed as an
asterisk (*) rather than the actual preshared key.

 

Is there a way to get rancid to backup the actual config file?  I assume
it's just doing a screen scrape (sh running-config) and capturing the
output rather than copying the actual file.  This is fine for most
equipment, but if I have a failure on the ASA and needed to restore the
config, I would have to re-enter all the preshared keys (not fun with
several hundred tunnels).

 

Any help is greatly appreciated,

 

Jeremy Keys

jeremy_keys at memorial.org

 

 
 
 
This message and accompanying documents are covered by
the Electronic Communications Privacy Act 18
U.S.C. "Sections 2510-2521," and contain information
intended for the specified individual(s) only. This
information is confidential.  If you are not the intended
recipient or an agent responsible for delivering it to
the intended recipient, you are hereby notified that you
have received this document in error and that any review,
dissemination, copying, or the taking of any action based
on the contents of this information is strictly
prohibited.  If you have received this communication in
error, please notify us immediately by e-mail, and delete
the original message.
 
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20081101/e6f2b4c7/attachment.html 


More information about the Rancid-discuss mailing list