Forum Discussion

Employee

Oct 21, 2008

Detecting TLS v1.1

Does anyone know what string (if anything) LTM 9.4.x will return for [SSL::cipher version] if the client is using TLS v1.1 (ie Opera)? I'm trying to account for the possibility of a TLS v1.1 ...

Historic F5 Account

Oct 23, 2008

Denny,

You'll need to find a REALLY old browser that only supports SSLv2 to get any meaningful results. Any modern browser will avoid SSLv2 like the plague for obvious reasons (Glaring security holes).

If you want to test with a modern browser, a tcpdump / SSLDump will probably give you a reasonable idea of how far its getting (Does it fail at key negociation or does it send a http request).

Also, have you got Ciphers set to ALL on your SSL Profile? If its default, it might not have any compatible Ciphers availible, even though SSLv2 is not explicitly disabled.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Detecting TLS v1.1

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

How to disable only TLS v1 & TLS v1.1 on specific virtual server

F5 Distributed Cloud JA4 detection for enhanced performance and detection

Load Balancing TCP TLS Encrypted Syslog Messages

Decrypting TLS traffic on BIG-IP

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS