IFM - IPSec Pre-shared Key (PSK) Generator


IFM supplies network engineering services for $NZ200+GST per hour. If you require assistance with designing or engineering a Cisco network - hire us!

Note: This page uses client side Javascript. It does not transmit any information entered to IFM.

You are building a site to site VPN and need to exchange the PSK. However you are not allowed to email it, and TXTing never works as it mangles the PSK. What to do?

This tool uses client side javascript - so no information is ever transmitted - and generates a random PSK in your own web browser that rolls every 24 hours. All it requires is for both parties to have their machine clocks approximately correctly (so both machines calculate the same PSK).

Optionally, to make a more variable key, you can enter two encoding keys, and these keys must be exchanged between both parties. For example, you can make the two keys the public IP address of the two VPN terminators. Or you can use serial numbers, MAC addresses, or you could call each other and exchange two colours, favourite sports teams, etc. Note that whatever one party enters as "Key 1" the other party must enter as "Key 1", and whatever one party enters as "Key 2" the other party must also enter as "Key 2".

Then the tool will take your two keys, add a unique salt for that 24 hour period, and generate a nasty PSK that no person would ever guess - and that has never been transmitted over any medium, ever.

Key 1:

Key 2:

Pre-shared Key Length:

Pre-shared Key: