Forum Discussion

Cirrus

Jan 14, 2020

Irule to help root out TLS 1.0 and 1.1 connecting clients?

Hello, I've been asked to assist the dev team in removing TLS 1.0 and 1.1 from our internet facing applications. In order to figure out what clients are still accessing at this level I've been ...

Nacreous

Jan 15, 2020

Something like this could be a good starting point.

when HTTP_REQUEST {
 
if {([SSL::cipher version] == "TLSv1.1") || ([SSL::cipher version] == "TLSv1.0")}{
    log local0. "Client [IP::local_addr] is accessing [HTTP::uri] with [SSL::cipher version]"
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Irule to help root out TLS 1.0 and 1.1 connecting clients?

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Log client to vip connections

iRule based RADIUS Client Stack

Limit Connections From Client

Advanced iRules: Sideband Connections

iRules LX Sideband Connection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS