Disabling TLS v1.0 & v1.1 on MGMT interface for Virtual F5 Appliance

Question

Hi,Please provide the steps to disable TLS 1.0 and TLS 1.1 for the F5 Management Interface (TMUI). Also share the steps to apply strong ciphers to enhance security on F5 management interface.&nbsp;Note: F5 in our infrastructure is Virtual Appliance in Azure. Please also let me know if in case F5 GUI access will be affected as part of the TLS version &amp; cipher suite modification.

jeffrey_granier · Answer

Use only TLS 1.2 on the BIG-IP GUI (Configuration utility)
&nbsp;
To apply strong ciphers something like this should work: &nbsp;
&nbsp;
modify sys httpd ssl-ciphersuite "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256"
&nbsp;
restart sys service httpd

jmtaylor · Answer

Hello Preet_pk&nbsp;
Have you&nbsp; checked this article yet,&nbsp;How to disable TLS 1.0 on the self IP interface and MGMT interface

Forum Discussion

Disabling TLS v1.0 & v1.1 on MGMT interface for Virtual F5 Appliance

2 Replies

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

HA Failover between two Datacenters

AST Configuration Assistance

Identify which virtual servers are using a specific SSL certificate

APM VPN LDAP POOL can't contact ldap server.

Users account sessions mixed up..

Related Content

Application Programming Interface (API) Authentication types simplified

sizing the F5 appliance

Disable Interface if Pool Member Availability Drops Below Threshold

Disable below cipher

Symmetric routing on NGINX Plus with multiple interfaces

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS