Forum Discussion
Andrea_Colombo_
Nimbostratus
NimbostratusAdding Peer device issue
Hi Guys,
I have a problem with my customer.
We are working in Test Plant, where we would replace 2 F5 Viprion 4400 (version 11.4.1) with an F5 i2600 (version 12.1.2).
I'm telling you what we wou...
Greetings,
That seems resemble the following:
K54511423: The system includes insecure ciphers when a device adds another device to the device trust
https://support.f5.com/csp/article/K54511423
Did you happen to use this article to modify the HTTP cipher strength?
K13405: Restricting Configuration utility access to clients using high-encryption SSL ciphers (11.x)
https://support.f5.com/csp/article/K13405
Kevin
Hi Andrea,
I've not encountered this issue on any of my BIG-IPs. It looks like the default setting is:tmsh list sys httpd ssl-protocol
sys httpd {
ssl-protocol "all -SSLv2 -SSLv3"
}
Do you have the ability to set this on both devices and test?
tmsh
modify sys httpd ssl-protocol "all -SSLv2 -SSLv3"
save sys config
load sys config
restart sys service httpd
I know you intend to use stronger ciphers only, but it appears this is only possible in v13.0.0 per the bug mentioned above.
Thanks!
Kevin
