Cipher Rules and Groups (v14.1.0.2)

Question

Has anyone noticed any issues with cipher rules and cipher groups in v14.1.0.2?
For example, in the user comments from the following article, it was mentioned that on v13, when making a modification to cipher rules that the changes did not propagate (from my testing on v14.1.0.2, this issue appears to have been fixed)
https://devcentral.f5.com/articles/cipher-rules-and-groups-in-big-ip-v13-25200
From what I understand, the use of a cipher group is required for TLS1.3 (client side). You cannot specify a cipher suite string on the client SSL profile when you have TLS1.3 enabled. Is this correct?
Thanks

kai_wilke · Answer

Hi Michael,
haven't played with TLS1.3 on 14.1. yet, but it would make me wonder if you can't use a tailordered cipher suite string in combination with TLS1.3 anymore.
Take a look to K10251520 (click me) to get the latest information regarding TLS1.3 support. The article outlines the steps required to enable TLS1.3 on a SSL profile as well as the TLS1.3 related Cipher String values TLS13-AES128-GCM-SHA256 , TLS13-AES256-GCM-SHA384 and TLS13-CHACHA20-POLY1305-SHA256 ...
 tmm --clientciphers ALL | grep TLS13

Cheers, Kai

Forum Discussion

Cipher Rules and Groups (v14.1.0.2)

1 Reply

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

IPv8 Would Fix My Routing Tables. It Will Never Ship.

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

f5 r5600 appliance issue with adding trunk to vlan

SSL Forward Proxy, iRules and Client Hello

F5 ASM/AWAF – violations logged but no learning suggestions generated

F5 VELOS Backplane Inter-Tenants Communication

Related Content

Create cipher group in f5

Cipher Rules And Groups in BIG-IP v13

Cipher Suite Practices and Pitfalls

LTM Cipher rule

Disable below cipher