Viewing VPN Keys

It’s well known that to recover VPN passwords for L2L tunnels you can copy the config to a TFTP server and view the configuration to retrieve the passwords. That works just fine….until you’re remotely working on an ASA and don’t have access to a TFTP server. Well, there is another way. Use the more command to view the running config. It will “decrypt” the VPN passwords!

tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
 pre-shared-key *****

more system:running-config

tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
 pre-shared-key MySeCrEtVpNkEy

One Comment on “Viewing VPN Keys”

  1. If you already have access to a VPN or know how to attain one, there is no need to continue with the steps below. Personally I chose VPNBook, which is completely free and hosted in Romania, so there is no way your ISP will block anything.

Leave a Reply

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.