Folks, If the task asks to hide/encrypt ALL passwords in the router config and let's say the router has crypto ipsec client ezvpn portion then the standard "service password-encryption" doesn't have any affects on the password in this section if the password was originally entered in clear text. Same with pre-shared keys. To hide/encrypt this password I use: "password encryption aes" and then I have to provide the key to use for the AES encryption.
Question number 1: Should I just make up my own 8 characters key and then re-enter the command "username USER1 password 0 PASSWORD" under the crypto ipsec client ezvpn section and assume the task will be scored. Question number 2: If I lost/forgot the user password and disable AES encryption by saying "no password encryption aes" the user's password still shows as encrypted. Is there anyway to retrieve it? The thing is that even if I want to reset the key to a new one I am asked the old one. Eugene
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
