SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Acceptable IKE pre shared keys

    Posted 02-02-2016 14:29

    Hello,

     

    I just learned that JUNOS will change the passwords you specify without warning, for example if your password includes the symbol '=' (see this thread for more info).

     

    Question: Does JUNOS also change IKE pre shared keys?  Are there invalid ASCII characters that JUNOS will ignore/change when specifying an IKE PSK?

     

    Thank you,

     

    Chris

     

    EDIT: According to KB21159 the double-quote character is disallowed.  Presumably there are other disallowed characters such as newline, but without being ridiculous, I assume that only double-quote is disallowed?  I just don't want to get screwed like I did with my password in the thread linked above.

     




  • 2.  RE: Acceptable IKE pre shared keys
    Best Answer

    Posted 02-03-2016 05:43

    Hello,

    Not a direct answer to your question, but in the JUNOS CLI you can enter the IKE pre-shared key as hex if the supported ASCII subset is not up to your requirements:

     

    --- JUNOS 12.1X46-D30.2 built 2015-01-08 08:49:56 UTC
    aarseniev@srx210> edit 
    Feb 03 15:23:02
    [edit]
    aarseniev@srx210# set security ike policy p1 pre-shared-key hexadecimal f00ba4   
    
    [edit]
    aarseniev@srx210# show | compare 
    Feb 03 15:24:02
    [edit security ike]
    +    policy p1 {
    +        pre-shared-key hexadecimal "$9$nJXv9A0O1RESr.P5F36At"; ## SECRET-DATA
    +    }

    HTH

    Thx

    Alex
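
Added example, not part of the post above and not Juniper code: a small Python helper that flags characters in a candidate PSK that the thread gives reason to distrust, and builds the hexadecimal form of the `set` command shown in the answer. It assumes the hexadecimal form carries the same bytes as the text key, flags anything outside printable ASCII as a conservative choice of this example, and all function names are hypothetical.

```python
import secrets
import string


def risky_chars(psk):
    """Characters to distrust in the text form of a PSK.

    The double quote is flagged because the question cites KB21159 as
    disallowing it; flagging everything outside printable ASCII
    (0x20-0x7E) is a conservative assumption made by this example.
    """
    return sorted({c for c in psk if c == '"' or not 0x20 <= ord(c) <= 0x7E})


def to_hex_key(psk):
    """Hex string of the key bytes, so no character is open to reinterpretation.

    Assumption: both peers agree on UTF-8 for any non-ASCII character.
    """
    return psk.encode("utf-8").hex()


def random_hex_key(nbytes=32):
    """Fresh key from the OS CSPRNG, already in hexadecimal form."""
    return secrets.token_hex(nbytes)


def set_command(policy, hex_key):
    """Build the command in the form shown in the answer above."""
    # This example insists on whole bytes; that is its own rule, not a
    # documented JUNOS requirement.
    if (not hex_key or len(hex_key) % 2
            or any(c not in string.hexdigits for c in hex_key)):
        raise ValueError("key must be an even number of hex digits")
    return ("set security ike policy %s pre-shared-key hexadecimal %s"
            % (policy, hex_key.lower()))


if __name__ == "__main__":
    candidate = 'pa"ss=w\n'  # constructed sample key, not a real secret
    print("distrusted characters:", risky_chars(candidate))
    print(set_command("p1", to_hex_key(candidate)))
    print(set_command("p1", random_hex_key()))
```
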



  • 3.  RE: Acceptable IKE pre shared keys

    Posted 02-03-2016 08:24

    Alex,

     

    Thank you.  Please let me know how to vote for your answer.  I cannot seem to figure out what to click (see attached).

     

    Chris

     

    Screen Shot 2016-02-03 at 8.22.42 AM.png



  • 4.  RE: Acceptable IKE pre shared keys

    Posted 02-03-2016 08:30

    Hello,

    Please read this Wiki post

    http://forums.juniper.net/t5/News-and-Announcements/Accepted-Solutions/td-p/114744 

    I am guessing You were not logged in when You took the screenshot.

    HTH

    Thx

    Alex