ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

Retrieving a pre-share key

07.02.12   |  
‎07-02-2012 02:34 PM

Our company is combining two data centers into one at a new location. We will also be using a different SSG-520 that is already there to separate production from non-production.

I need to reestablish several VPN tunnels.

The other side of the tunnel does not need to be changed.

Our external IP address is not changing. Is there a way to retrieve the pre-share key in plain text?
If not, what we be there preferred way to re-establish the tunnel?

Or am I stuck rebuilding these tunnels?

 

 

Thank you!

3 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: Retrieving a pre-share key

07.02.12   |  
‎07-02-2012 04:15 PM

You cannot decrypt to clear text.

 

But you can take the encrypted lines from your original configuration and use the import function to apply them to your new box.

 

Just pull all the vpn related configuration and save as a plain text file.

Go to Configuration -- Update -- Config file

Browse to the file

Choose the "Merge" option

Hit apply

 

This will create the same gateway and shared secret as in the original firewall.

Steve Puluka BSEET
Juniper Ambassador
Senior IP Engineer - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
JNCIA-Junos JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCIS-FWV
JNCDA JNCDS-DC JNCDS-SEC
JNCIS-SP
ACE PanOS 6 ACE PanOS 7
http://puluka.com/home
ScreenOS Firewalls (NOT SRX)

Re: Retrieving a pre-share key

04.27.15   |  
‎04-27-2015 10:49 AM

Hi Steve,

 

Are those instructions you provided for the Netscreen Firewalls or the SRX?  I remember a merge option on the Netscreen GUI but I don't see it on the SRX.

ScreenOS Firewalls (NOT SRX)

Re: Retrieving a pre-share key

04.27.15   |  
‎04-27-2015 12:55 PM

Yes, this option is on the Netscreen (ScreenOS) GUI and not the SRX.

 

This is the ScreenOS forum area.

Steve Puluka BSEET
Juniper Ambassador
Senior IP Engineer - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
JNCIA-Junos JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCIS-FWV
JNCDA JNCDS-DC JNCDS-SEC
JNCIS-SP
ACE PanOS 6 ACE PanOS 7
http://puluka.com/home