For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

PeteW's avatar
PeteW
Icon for Nimbostratus rankNimbostratus
Apr 10, 2013

Amending clientssl ciphers with TMSH

Guys,     Hopefully someone has already covered this one but I have the following clientssl profile   ltm profile client-ssl pw_clientssl {   cert pw.bigip.test.com.crt   ci...
dev
TMSH
PeteW's avatar
PeteW
Icon for Nimbostratus rankNimbostratus
Apr 12, 2013
Posted By Brent Blood on 04/10/2013 02:02 PM

 

Try escaping the ! with a backslash in your tmsh command. Bash is attempting to perform history expansion when it sees the bang.

 

 

Hmm interesting, didn't think of that cheers Brent will do :)

 

 

 

  • Chris_FP's avatar
    Chris_FP
    Icon for Cirrus rankCirrus
    Nov 23, 2015
    I tried that and it didn't work. I had to do the following for mine - add the ' at the start and end of the cipher list tmsh modify ltm profile client-ssl clientsslprofile { ciphers '\!SSLv2\:\!EXPORT\:ECDHE\+AES\-GCM\:ECDHE\+AES\:ECDHE\+3DES\:RSA\+AES\-GCM\:RSA\+AES\:RSA\+3DES\:\-MD5\:\-SSLv3\:\-RC4\:\@SPEED' defaults-from clientssl }
  • PeteW's avatar
    PeteW
    Icon for Nimbostratus rankNimbostratus
    Nov 23, 2015
    Interesting .. i'll give that a go. I've noticed that it also depends on the base OS as 10.2.4 behaves differently to 11.2 to 11.6 .. go figure.