For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

IRONMAN's avatar
IRONMAN
Icon for Cirrostratus rankCirrostratus
Jul 13, 2018

ciphers applied to client SSL profile for allow only tls 1.2 not working?

Hi ,   I applied below cipher settings for client SSl profile and applied to VIP 443. But when i try to access the website from any browser, settings in browser unchecked for tls 1.2 and allowed...
application delivery
BIG-IP
LTM
security
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Jul 13, 2018

IRONMAN,

I would look to perform a tcpdump/ssldump to see what's going on, see

Overview of packet tracing with the ssldump utility

Also, if you use Putty to connect to your BIG-IP and perform the following command 

tmm --clientciphers 'DEFAULT:!SSLv2:!EXPORT40:!EXP:!LOW:!SSLv3:!RC4-SHA:AES128-SHA:AES256-SHA:!DES-CBC3-SHA:!TLSv1:!TLSv1_1'
it will outline which ciphers are being presented by the clientssl profile.

Hope this helps,

N