For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chris_Olson_172's avatar
Chris_Olson_172
Icon for Altostratus rankAltostratus
Jun 09, 2016

How can I find what clients are using TLS 1.0

I need to determine what clients are using TLS 1.0. My thought is to create an irule to gather the source IP of the client. I know I can view statistic with:   tmsh show ltm profile client-ssl  ...
BIG-IP
iRules
security
Chris_Olson's avatar
Chris_Olson
Icon for Nimbostratus rankNimbostratus
Jul 01, 2016

I need to keep the impact on the logs as small as possible until we can get logging going to a separate device. Worse, I do not have full access to the device and must submit my rule for deployment. The vendor does not support irules so it's a long process if something goes wrong. I tried the below but something is wrong:

 

when CLIENTSSL_HANDSHAKE { switch -glob [SSL::cipher version] { "1.0" - { { log local0. "[IP::client_addr] Old." }

 

}

 

The logs show the following: TCL error: tls_1.0_test - extra switch pattern with no body while executing "switch -glob [SSL::cipher version] { "1.0" - { log local0. "[IP::client_addr] Old." } }"

 

Where did I go wrong?