Cisco IP Solution Center Security User Guide, 3.0 - Updating and Modifying Pre-shared Keys [Cisco IP Solution Center]

Table Of Contents

Updating and Modifying Pre-shared Keys

Regenerating Pre-shared Keys

Changing Pre-shared Key Lengths

Updating and Modifying Pre-shared Keys

This chapter contains the following sections:

•Regenerating Pre-shared Keys

•Changing Pre-shared Key Lengths

Regenerating Pre-shared Keys

You can regenerate pre-shared keys by scheduling it as a task within ISC Task Manager.

Step 1 Click Home > Monitoring > Task Manager > Tasks. The Tasks page appears as shown in Figure 8-1.

Figure 8-1 The Tasks Page

Step 2 Click Create. The Create Task page appears as shown in Figure 8-2.

Figure 8-2 The Create Task Page

Step 3 Select Service Deployment from the Type drop-down list.

Step 4 Click Next. The Task Service Requests page appears as shown in Figure 8-3.

Figure 8-3 The Task Service Requests Page

Step 5 Click Add. The Service Request for Task dialog box appears as shown in Figure 8-4.

Figure 8-4 Service Request for Task Dialog Box

Step 6 Check the service request for which you would like to regenerate the pre-shared keys and click Select to return to the Task Service Requests page. The service request you checked now appears on the Task Service Requests page.

Step 7 Click Next. The Task Schedules page appears as shown in Figure 8-5.

Figure 8-5 The Task Schedules Page

Step 8 Click Create. The Task Schedules page appears with the scheduling options displayed as shown in Figure 8-6.

Figure 8-6 The Task Schedules With Scheduling Options Displayed

Step 9 Select when you would like the update to occur and click OK to continue.

Step 10 Click Next. The Service Deployment Task Summary page appears as shown in Figure 8-7.

Figure 8-7 Default Service Deployment Task Summary Page

Step 11 Uncheck Provision and Audit and click Regenerate IPsec Pre-shared Keys. The Service Deployment Task Summary Page should now appear as shown in Figure 8-8.

Figure 8-8 Service Deployment Task Summary Page

Step 12 Click Finish. To view the results of the task, click Home > Monitoring > Task Manager > Logs and refer to the Cisco IP Solution Center: Infrastructure Reference, 3.0 for information on logging options.

Changing Pre-shared Key Lengths

For Cisco IOS devices only, you can change the pre-shared key length for a host. To do so, perform the following steps.

Note If a CPE device in your network uses a VPN Acceleration Module (VAM) card, you must change the pre-shared key length to 64 characters or less for all CPE devices in the same VPN to interoperate.

Step 1 Click Home > Administration > Control Center > Hosts. The Hosts page appears as shown in Figure 8-9.

Figure 8-9 The Hosts Page

Step 2 Select the host for which you want to change the pre-shared key length and click Config. The Host Configuration page appears as shown in Figure 8-10.

Figure 8-10 The Host Configuration Page

Step 3 In the folders displayed, click Provisioning > Service > IPSEC > platform > CISCO_ROUTER > iosPresharedKeyLength. The Host Configuration page updates and displays the key length properties fields as shown in Figure 8-11.

Figure 8-11 The Host Configuration Page With Key Length Properties Displayed

Step 4 Enter the new pre-shared key length in the New Value (1-127) text box and click Set Property.

	Cisco IP Solution Center Security User Guide, 3.0
	Updating and Modifying Pre-shared Keys
Cisco IP Solution Center Security User Guide, 3.0 Index About This Guide ISC Security Concepts Preparing for Security Provisioning Site-to-Site VPN Services Remote Access VPN Services NAT Services Firewall Services Provisioning Services Updating and Modifying Pre-shared Keys	Download this chapter Updating and Modifying Pre-shared Keys Download the complete book Cisco IP Solution Center, 3.0: Security Management User Guide, 3.0 - Whole Book PDF (PDF - 4 MB) Feedback Table Of Contents Updating and Modifying Pre-shared Keys Regenerating Pre-shared Keys Changing Pre-shared Key Lengths Updating and Modifying Pre-shared Keys This chapter contains the following sections: •Regenerating Pre-shared Keys •Changing Pre-shared Key Lengths Regenerating Pre-shared Keys You can regenerate pre-shared keys by scheduling it as a task within ISC Task Manager. Step 1 Click Home > Monitoring > Task Manager > Tasks. The Tasks page appears as shown in Figure 8-1. Figure 8-1 The Tasks Page Step 2 Click Create. The Create Task page appears as shown in Figure 8-2. Figure 8-2 The Create Task Page Step 3 Select Service Deployment from the Type drop-down list. Step 4 Click Next. The Task Service Requests page appears as shown in Figure 8-3. Figure 8-3 The Task Service Requests Page Step 5 Click Add. The Service Request for Task dialog box appears as shown in Figure 8-4. Figure 8-4 Service Request for Task Dialog Box Step 6 Check the service request for which you would like to regenerate the pre-shared keys and click Select to return to the Task Service Requests page. The service request you checked now appears on the Task Service Requests page. Step 7 Click Next. The Task Schedules page appears as shown in Figure 8-5. Figure 8-5 The Task Schedules Page Step 8 Click Create. The Task Schedules page appears with the scheduling options displayed as shown in Figure 8-6. Figure 8-6 The Task Schedules With Scheduling Options Displayed Step 9 Select when you would like the update to occur and click OK to continue. Step 10 Click Next. The Service Deployment Task Summary page appears as shown in Figure 8-7. Figure 8-7 Default Service Deployment Task Summary Page Step 11 Uncheck Provision and Audit and click Regenerate IPsec Pre-shared Keys. The Service Deployment Task Summary Page should now appear as shown in Figure 8-8. Figure 8-8 Service Deployment Task Summary Page Step 12 Click Finish. To view the results of the task, click Home > Monitoring > Task Manager > Logs and refer to the Cisco IP Solution Center: Infrastructure Reference, 3.0 for information on logging options. Changing Pre-shared Key Lengths For Cisco IOS devices only, you can change the pre-shared key length for a host. To do so, perform the following steps. Note If a CPE device in your network uses a VPN Acceleration Module (VAM) card, you must change the pre-shared key length to 64 characters or less for all CPE devices in the same VPN to interoperate. Step 1 Click Home > Administration > Control Center > Hosts. The Hosts page appears as shown in Figure 8-9. Figure 8-9 The Hosts Page Step 2 Select the host for which you want to change the pre-shared key length and click Config. The Host Configuration page appears as shown in Figure 8-10. Figure 8-10 The Host Configuration Page Step 3 In the folders displayed, click Provisioning > Service > IPSEC > platform > CISCO_ROUTER > iosPresharedKeyLength. The Host Configuration page updates and displays the key length properties fields as shown in Figure 8-11. Figure 8-11 The Host Configuration Page With Key Length Properties Displayed Step 4 Enter the new pre-shared key length in the New Value (1-127) text box and click Set Property.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks