F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

SSesostris_3458's avatar
SSesostris_3458
Icon for Nimbostratus rankNimbostratus
May 03, 2018

Issue on disabling TLS 1.0 / TLS 1.1

Hello,   We have a problem with an LTM (Local Trafic Manager) when we turn off TLS 1.0 and 1.1. Indeed when protocols are disabled in SSL profiles, the F5 does not return any error to the client. ...
iRules
LTM
security
Mike_62127's avatar
Mike_62127
Icon for Nimbostratus rankNimbostratus
Jul 26, 2018

this iRule works well for what you are asking.

    if { [SSL::cipher version] ne "TLSv1.2" } {
    HTTP::respond 200 content "Your browser must support TLSv1.2"
Surgeon's avatar
Surgeon
Ret. Employee
Jul 27, 2018

But be aware that this solution requires tls1.0 and tls1.1 to be enabled and may impact your rank on ssllabs. You need to decide which option to use.

 

See Lee Sutcliffe's replies earlier