extract PSK secrets #42
-
|
Hi I am looking for a way to extract the PSK secret of each VPN we have, in order to document them else-where. I can get it by doing https://root-vdom/api/v2/cmdb/vpn.ipsec/phase1-interface?vdom=vdom_name&plain-text-password=1 in a browser, but when I try in the python script using this code f_api = FortiGate(host=mgmt_ip, port=mgmt_port,token=mgmt_token)
vpn_interfaces = f_api.get(url=f"api/v2/cmdb/vpn.ipsec/phase1-interface?vdom=vdom_name&plain-text-password=1")
for vpn_int in vpn_interfacest.json():
for vdom_vpn_int in vpn_int['results']:
print(vdom_vpn_int['psksecret'])it results in: ENC XXXX Am I doing something wrong or does the fortigate_api not understand the plain-text-password=1 parameter added to the query? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi I have figured it out. It seems that the REST API Administrator needs to have "Read/Write" access to the VPN-section in order to see the PSK keys. "Read" access is not enough. |
Beta Was this translation helpful? Give feedback.
Hi
I have figured it out. It seems that the REST API Administrator needs to have "Read/Write" access to the VPN-section in order to see the PSK keys. "Read" access is not enough.