This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jessica_stanson
Explorer
‎2018-03-04 06:33 AM

Pre-Share Keys CMD CLISH

Hi,  

does anyone the CMD to see the vpn Pre-Share Keys in Checkpoint?

 

In Fortinet the PSK is saved in the config File like:

set remote-gw 77.56.199.43
set psksecret ENC Sqjxee+N3ZaTG2lL..........wa27N+XALaSxVQ==

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2018-03-04 09:40 AM

As far as I know, no such command exists.

If you don't know what it is, you have to reset it, per this SK:

Is it possible to recover the VPN pre-shared secrets, if they are unknown? 

0 Kudos
jessica_stanson
Explorer
‎2018-03-06 12:55 AM
In response to PhoneBoy

Hi Dameon,
thanks for your reply.
Maybe in the active connections?
grep radius /config/active
....
aaa:auth_profile:base_radius_authprofile:radius_sr v:0:secret \ lDGLiWozsw==
.....
So instead of radius maybe vpn?
grep vpn /config/active
Finally i would search this in the CP Firewall with 
find / -type f  -not -path "/var/log"  | xargs grep  -i " lDGLiWozsw== " 2>&1 | grep -v "Permission denied" 
Unfortunately, at the moment, i install a CP and i don"t  have a finished CP Installation to
to see if this could find this key?
0 Kudos
PhoneBoy
Admin
Admin
‎2018-03-06 07:16 AM
In response to jessica_stanson

I can assure you the shared VPN key will NOT appear in /config/active as that contains OS config only, nothing related to firewall, VPN, or Threat Prevention.

G_W_Albrecht
Legend Legend
Legend
‎2018-03-08 12:07 AM
In response to jessica_stanson

As Dameon wrote, there is an sk about that - sk92561 Is it possible to recover the VPN pre-shared secrets, if they are unknown? In older (<R75.40) version dashboard, the PSK entry was unmasked and readable, but that has been changed for good! I assume that even using GuiDBedit to search a known PSK in the database would not yield any success... At least it should not .

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
thallam08
Explorer
‎2019-11-06 07:46 PM
In response to G_W_Albrecht

The unencrypted pre-shared key is needed to establish the VPN.  Therefor it must be stored somewhere on the CP FW in a reversible format.

The question is, where is it stored, and how is it decrypted?

Any claim that it cannot be recovered is just security by obscurity ....

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top