Cisco IP Solution Center Security User Guide, 3.0
Updating and Modifying Pre-shared Keys
Downloads: This chapterpdf (PDF - 291.0KB) The complete bookPDF (PDF - 3.65MB) | Feedback

Updating and Modifying Pre-shared Keys

Table Of Contents

Updating and Modifying Pre-shared Keys

Regenerating Pre-shared Keys

Changing Pre-shared Key Lengths


Updating and Modifying Pre-shared Keys


This chapter contains the following sections:

Regenerating Pre-shared Keys

Changing Pre-shared Key Lengths

Regenerating Pre-shared Keys

You can regenerate pre-shared keys by scheduling it as a task within ISC Task Manager.


Step 1 Click Home > Monitoring > Task Manager > Tasks. The Tasks page appears as shown in Figure 8-1.

Figure 8-1 The Tasks Page

Step 2 Click Create. The Create Task page appears as shown in Figure 8-2.

Figure 8-2 The Create Task Page

Step 3 Select Service Deployment from the Type drop-down list.

Step 4 Click Next. The Task Service Requests page appears as shown in Figure 8-3.

Figure 8-3 The Task Service Requests Page

Step 5 Click Add. The Service Request for Task dialog box appears as shown in Figure 8-4.

Figure 8-4 Service Request for Task Dialog Box

Step 6 Check the service request for which you would like to regenerate the pre-shared keys and click Select to return to the Task Service Requests page. The service request you checked now appears on the Task Service Requests page.

Step 7 Click Next. The Task Schedules page appears as shown in Figure 8-5.

Figure 8-5 The Task Schedules Page

Step 8 Click Create. The Task Schedules page appears with the scheduling options displayed as shown in Figure 8-6.

Figure 8-6 The Task Schedules With Scheduling Options Displayed

Step 9 Select when you would like the update to occur and click OK to continue.

Step 10 Click Next. The Service Deployment Task Summary page appears as shown in Figure 8-7.

Figure 8-7 Default Service Deployment Task Summary Page

Step 11 Uncheck Provision and Audit and click Regenerate IPsec Pre-shared Keys. The Service Deployment Task Summary Page should now appear as shown in Figure 8-8.

Figure 8-8 Service Deployment Task Summary Page

Step 12 Click Finish. To view the results of the task, click Home > Monitoring > Task Manager > Logs and refer to the Cisco IP Solution Center: Infrastructure Reference, 3.0 for information on logging options.


Changing Pre-shared Key Lengths

For Cisco IOS devices only, you can change the pre-shared key length for a host. To do so, perform the following steps.


Note If a CPE device in your network uses a VPN Acceleration Module (VAM) card, you must change the pre-shared key length to 64 characters or less for all CPE devices in the same VPN to interoperate.



Step 1 Click Home > Administration > Control Center > Hosts. The Hosts page appears as shown in Figure 8-9.

Figure 8-9 The Hosts Page

Step 2 Select the host for which you want to change the pre-shared key length and click Config. The Host Configuration page appears as shown in Figure 8-10.

Figure 8-10 The Host Configuration Page

Step 3 In the folders displayed, click Provisioning > Service > IPSEC > platform > CISCO_ROUTER > iosPresharedKeyLength. The Host Configuration page updates and displays the key length properties fields as shown in Figure 8-11.

Figure 8-11 The Host Configuration Page With Key Length Properties Displayed

Step 4 Enter the new pre-shared key length in the New Value (1-127) text box and click Set Property.