Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ni_c
Contributor

Shared Secret in clear text

Hi there,

is there a way that we can see shared secret key in clear text for site to site VPN in R80.10 management server?

Regards,

Nagarjuna 

0 Kudos
13 Replies
Danny
Champion Champion
Champion

Of Course. In R80.10, simply click 'IPsec VPN > Edit secrets' > Edit > Set / View your secret.

Ni_c
Contributor

Can you tell me how it is. I know in previous versions if we click on the shared secret it will show the key in clear text. But this is not working in R80.10

0 Kudos
Chris_Hoff
Contributor

Are you trying to edit it within the VPN community? If you look above, Danny is editing the Shared Secret within the Gateway. Try that if you have not already. 

0 Kudos
Ni_c
Contributor

Thanks Danny, But apparently this is only for traditional mode VPN's.

0 Kudos
Danny
Champion Champion
Champion

You just asked for a way to see shared secrets within R80.10. This is a way.

0 Kudos
mrktgb
Explorer

Looks like this is gone in 81.10.

 

0 Kudos
PhoneBoy
Admin
Admin

We removed the ability to see the shared secret in SmartDashboard/SmartConsole sometime in the R65 timeframe.

0 Kudos
Danny
Champion Champion
Champion

Um, no. See my screen shot above.

0 Kudos
Maarten_Sjouw
Champion
Champion

Maybe it came back in R80.10 but it certainly is unreadable in R77.30

Regards, Maarten
0 Kudos
Olavi_Lentso
Contributor

When not using traditional mode, then Danny's guide does not give results neither in R80.10 and R77.30. Several versions back it was possible to see the pre-shared secret and it was damn convenient Smiley Happy

0 Kudos
Don_Paterson
Advisor
Advisor

Hi Nagarjuna,

Did you ever find a solution to this?

Thanks,

Don

0 Kudos
Ni_c
Contributor

Hi Don,

It is only possible for traditional mode VPN’s in R80.10

0 Kudos
Dale_Lobb
Advisor

This may not be useful to you, depending on your particular situation, but I recently (last year) had to recover some shared secrets for VPNs that had been around for a very long time.  I was able to do so because I still had (on my R77.30 management system,) some database revisions dating back prior to the advent of R67. 

I extracted a policy revision made under R62 (its just a tarball).  I obtained the R62 installation ISO from a checkpoint partner and installed it into a VMWare VM using "Other 2.4.x kernel Linux, 32 bit" as the OS specification.  I then overwrote the R62 installation with the extracted tarball files from the R62 policy DB revision.  Then started up via cpstart.

I was able to access the policy of the VM using R62 Dashboard and extract the ancient shared secrets which now safely reside in an encrypted password vault.

Obviously, the stars all aligned exactly to make this work for me, but who knows, maybe you still have an old backup or DB revision or migrate export from prior to R67?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events