[c-nsp] Retrieving *'d secrets in PIX6.3(5)
Ryan West
rwest at zyedge.com
Wed Aug 18 16:27:02 EDT 2010
Jason
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Jason Lixfeld
> Sent: Wednesday, August 18, 2010 4:04 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Retrieving *'d secrets in PIX6.3(5)
>
> In current PIX/ASA OS 7+, one is able to look at things like *'d out
> ipsec/isakmp secrets using 'more system:running-configuration' which makes
> it easy to move the config over to a new box or something. Is there a way to
> do the same thing with PIX6? 6.3(5) more specifically? I'm looking to
> upgrade a couple of PIX firewalls to proper ASAs and would like to avoid
> having to reconfigure every IPSec client (dynamic and static) that terminates
> on this box currently.
>
Dump it to a TFTP server using write net. You'll have all your passwords then.
-ryan
More information about the cisco-nsp
mailing list