Ok, I have been in a position several times when Ive needed to know what
the site-to-site vpn key was. No one knew and I was, at one time, under
the impression that I would have to just reset the password on both
ends. Well, Ive learned that something can be done without having to
reset the vpn key on the other side. If you do a 'show run' on the ASA,
you will see that you can not see what the key is. It just gives you an *:
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key *
Ok, I need that password. So, Ive learned that if you do a 'more
system:/running-config', it will show you that pass key.
Interesting... So, here is what I see when I do this command:
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key thisismypassword
Very helpful if you need to know what the vpn key is for the vpn. This
also works for HA password keys too.
