Forum Discussion

Cirrostratus

Apr 28, 2014

Server SSL Profile ciphers

I'm using the following Ciphers string in a server SSL profile on my 11.4.1HF3 LTM: DEFAULT:-TLSv1_1:-TLSv1_2 The resulting ciphers list is this: Active:Changes Pending] ~ tmm --serve...

Cirrostratus

Apr 28, 2014

is it health monitor?

YES! This VIP is snatted and my tcpdump command mistakenly EXCLUDED the floating self-ip, leaving only monitor traffic in my trace. I just took another trace and verified the LTM only sends the list of 7 matching TLS ciphers in the

tmm --serverciphers 'DEFAULT:-TLSv1_1:-TLSv1_2'

output. This is what I expected. Thanks very much for setting me straight!

This leads me to another question...what makes the LTM decide to "decide" to use TLS on the serverside of the connection? Is that because the client on the clientside requested to use TLS (which it does), and it is required to maintain the same protocol on both sides?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Server SSL Profile ciphers

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Disabling Ciphers

F5 Hardened Cipher suite profile (pentest recommendation)

HTTPS communication and client and server ssl profile

SSL cipher: improve performance

ASM Logging profile w/ Remote Storage

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS