Pre-shared Keys Changing

Question

Hi, I have a doubt about a pop-up in the vpn configuration menu. 
 My current firmware is: SFOS 19.0.0 GA-Build317 
 When i click to save button on the vpn configuration, i have the same pop-up: "the change will update the pre shared key of the all connections configured between the same local and remote peers in this connection". 
 I am afraid to continue the configuration because I can't lost or change any other working vpn cofiguration. 
 I would like to know if continuing the configuration I would lose the other VPNs or damage them. If so, what can I do to avoid it? 
 Thanks

Vivek Jagad · Accepted Answer

MrOven No, for Site-to-Site VPN, if you update the PSK then ensure the remote peer appliance has the same PSK.

And it does not effect the another running IPsec tunnel until that IPsec's tunnel remote PSK has been changed !!

LuCar Toni · Answer

Ipsec works in phase 1 and phase 2. 
 Phase 1: PSK 
 Phase 2: Own key. 
 This means, if you have an green tunnel, it will use Phase2. You can change the key. But if you disconnect and reconnect, the PSK is needed. If this is changed, the tunnel will stay down. 
 SFOS will use the same PSK for all Wildcard Tunnel (Remote tunnel: *)

Vivek Jagad · Answer

Hello MrOven ,

Thank you for reaching out to the community, if you make any changes on the VPN configurations then the users will need to re-download the config file once again in order to connect it successfully !!

Pre-shared Keys Changing

Top Replies