Forum Discussion

vvskaladhar_488's avatar
vvskaladhar_488
Icon for Nimbostratus rankNimbostratus
Jun 22, 2018

irule required.

HI Can some one please provide an irule for allow only TLS1.2 for some customers and allow TLSv1.0 , TLSv1.1 for other users on same vip? How ever i am aware of IPs who i need to allow TLSV1.0 an...
application delivery
iRules
  • vvskaladhar_488's avatar
    vvskaladhar_488
    Icon for Nimbostratus rankNimbostratus
    Jun 25, 2018

    HI Jason,

     

    I have tried above but it did not helped. more over i am not users client and server SSL profiles. its all client profile which was tagged to the VIP.

     

    when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] eq $TLSV1.0_1.1_Disable ]} { SSL::profile kaladhar.adc.com_TLS } else { SSL::profile kaladhar.adc.com_client-ssl } }

     

    I created Data group with Name :TLSV1.0_1.1_Disable ( added one of the testip from interent) created 2 profiles 1 with TLSv1.0 and 1.1 disable and on has no disabled of TLS enabled TLSv1.0 . After tagging this irule i see the url stooped working and unable to run qualys scan.and getting below error for all the users.

     

    Assessment failed: No secure protocols supported .