[c-nsp] Retrieving *'d secrets in PIX6.3(5)
Michael K. Smith - Adhost
mksmith at adhost.com
Wed Aug 18 16:27:53 EDT 2010
Hello Jason:
If you save your configuration to a tftp server it will show the
password in the clear. There may be another way but I've not found it.
Mike
--
Michael K. Smith - CISSP, GSEC, GISP
Chief Technical Officer - Adhost Internet LLC mksmith at adhost.com
w: +1 (206) 404-9500 f: +1 (206) 404-9050
PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Jason Lixfeld
> Sent: Wednesday, August 18, 2010 1:04 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Retrieving *'d secrets in PIX6.3(5)
>
> In current PIX/ASA OS 7+, one is able to look at things like *'d out
> ipsec/isakmp secrets using 'more system:running-configuration' which
makes
> it easy to move the config over to a new box or something. Is there a
way to
> do the same thing with PIX6? 6.3(5) more specifically? I'm looking
to
> upgrade a couple of PIX firewalls to proper ASAs and would like to
avoid
> having to reconfigure every IPSec client (dynamic and static) that
terminates
> on this box currently.
>
> Thanks in advance.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list