Not everyone has a great password maintenance process. If you run into a situation where the group pre-shared keys for your
<acronym title="Virtual Private Network">
VPN</acronym>
are lost, you face the option of changing the existing key (and breaking any users that are currently working), or creating a new group with a new key.
<!--more-->
On a Cisco ASA, looking through the configuration doesn't reveal the group pre-shared key:
FIREWALL# show running-config
<snip>
tunnel-group CORPORATE ipsec-attributes
pre-shared-key *
All is not lost!
The trick to recovering the group pre-shared key is to view the configuration with more system:running-config
.
FIREWALL# more system:running-config
<snip>
tunnel-group CORPORATE ipsec-attributes
pre-shared-key coshtyivfi