Forum Discussion
Hi Thiago,
I understand you have a VS which should accept only TLS 1.0 traffic and a pool with pool members that are only accepting TLS1.2 traffic, so you are doing what is called SSL bridging. In that scenario you would need to attach a ClientSSL and a ServerSSL profile to the VS.
In ClientSSL and ServerSSL profiles you can configure Cipher Suites, which practically define which TLS ciphers are available in the profile for negotiating a secure communication channel.
You can use the DEFAULT cipher suite in ClientSSL and ServerSSL profile, it will support TLS1 on the client-side and also TLS1.2 on the server-side.
If you plan to tweak the cipher suites further, or just want to have a better understanding of the whole subject, take a look at K15194: Overview of BIG-IP SSL/TLS cipher suites.
KR