Home >> Knowledgebase >> CCNA Security >> How to configure Site-to-Site IKEv2 IPSec VPN using Pre-Shared Key Authentication If you are new to the basic concepts of VPN (Virtual Private Network) and IPSec, please learn following lessons before continuing.
For pre-shared key authentication to work, a common key is defined on each host. The key definition binds the key to the remote peer's ISAKMP identity. From a security perspective, the pest practice is to use a unique key for each peer pair. Pre-shared keys are configured using the global configuration command Connectivity: VPN Pre-Shared Key with Static IP Connectivity: VPN Pre-Shared Key with Static IP. This method is configuring a VPN tunnel to connect to the Web Security Service using IKEv1 and a pre-shared key (PSK) for site-to-site authentication. The method requires that your organization have a static public IP address. Pre-Shared Key Authentication — RedShelf Documentation 1.0 Pre-Shared Key Authentication¶. To use PSK authentication for read only access the credentials are required to be sent as part of the request headers. Encrypt Pre-shared Keys in Cisco IOS Router Configuration The remote Internet Key Exchange (IKE) version 1 service seems to support Aggressive Mode with Pre-Shared key (PSK) authentication. Such a configuration could allow an attacker to capture and crack the PSK of a VPN gateway and gain unauthorized access to private networks.
Understanding PSK Authentication - TechLibrary - Juniper