This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ni_c
Contributor
‎2018-03-22 09:20 AM

Shared Secret in clear text

Hi there,

is there a way that we can see shared secret key in clear text for site to site VPN in R80.10 management server?

Regards,

Nagarjuna 

0 Kudos
13 Replies
Danny
Champion Champion
Champion
‎2018-03-22 09:25 AM

Of Course. In R80.10, simply click 'IPsec VPN > Edit secrets' > Edit > Set / View your secret.

Ni_c
Contributor
‎2018-03-22 09:42 AM
In response to Danny

Can you tell me how it is. I know in previous versions if we click on the shared secret it will show the key in clear text. But this is not working in R80.10

0 Kudos
Chris_Hoff
Contributor
‎2018-03-22 11:50 AM
In response to Ni_c

Are you trying to edit it within the VPN community? If you look above, Danny is editing the Shared Secret within the Gateway. Try that if you have not already. 

0 Kudos
Ni_c
Contributor
‎2018-03-22 02:10 PM
In response to Danny

Thanks Danny, But apparently this is only for traditional mode VPN's.

0 Kudos
Danny
Champion Champion
Champion
‎2018-03-22 02:37 PM
In response to Ni_c

You just asked for a way to see shared secrets within R80.10. This is a way.

0 Kudos
mrktgb
Explorer
‎2022-04-06 08:55 PM
In response to Danny

Looks like this is gone in 81.10.

 

0 Kudos
PhoneBoy
Admin
Admin
‎2018-03-22 10:39 AM

We removed the ability to see the shared secret in SmartDashboard/SmartConsole sometime in the R65 timeframe.

0 Kudos
Danny
Champion Champion
Champion
‎2018-03-22 11:20 AM
In response to PhoneBoy

Um, no. See my screen shot above.

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2018-03-23 03:08 PM
In response to Danny

Maybe it came back in R80.10 but it certainly is unreadable in R77.30

Regards, Maarten
0 Kudos
Olavi_Lentso
Contributor
‎2018-05-03 12:26 AM
In response to Danny

When not using traditional mode, then Danny's guide does not give results neither in R80.10 and R77.30. Several versions back it was possible to see the pre-shared secret and it was damn convenient Smiley Happy

0 Kudos
Don_Paterson
Advisor
Advisor
‎2019-02-27 07:21 AM

Hi Nagarjuna,

Did you ever find a solution to this?

Thanks,

Don

0 Kudos
Ni_c
Contributor
‎2019-02-27 09:44 AM
In response to Don_Paterson

Hi Don,

It is only possible for traditional mode VPN’s in R80.10

0 Kudos
Dale_Lobb
Advisor
‎2019-03-03 10:16 PM

This may not be useful to you, depending on your particular situation, but I recently (last year) had to recover some shared secrets for VPNs that had been around for a very long time.  I was able to do so because I still had (on my R77.30 management system,) some database revisions dating back prior to the advent of R67. 

I extracted a policy revision made under R62 (its just a tarball).  I obtained the R62 installation ISO from a checkpoint partner and installed it into a VMWare VM using "Other 2.4.x kernel Linux, 32 bit" as the OS specification.  I then overwrote the R62 installation with the extracted tarball files from the R62 policy DB revision.  Then started up via cpstart.

I was able to access the policy of the VM using R62 Dashboard and extract the ancient shared secrets which now safely reside in an encrypted password vault.

Obviously, the stars all aligned exactly to make this work for me, but who knows, maybe you still have an old backup or DB revision or migrate export from prior to R67?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events