I'm new to the ASA and wanted to know if regenerating crypto keys on an existing ASA with established VPN tunnels could negatively affect the tunnels. The reason for wanting to regenerate crypto keys is so I can have version 2 SSH enabled (currently version 1 is enabled due to 512 bits being used). I plan on using at least 1024 bits but am concerned I'd be affecting more than just SSH.
Asked
Active
Viewed 296 times
1
-
What kind of authentication is being used on the VPN tunnels? – Shane Madden Nov 23 '13 at 08:21
-
@shane We're using pre-shared key for all our site tunnnels. – user33975 Nov 23 '13 at 16:56
1 Answers
1
This should be just fine - the running VPN tunnels shouldn't be affected by a change to the RSA keys on the system.
Though make sure you have console access when making the change so you don't cut yourself off.. and maybe do it in off-hours just to be safe.
Shane Madden
- 114,520
- 13
- 181
- 251