For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

W__Tout_99150's avatar
W__Tout_99150
Icon for Nimbostratus rankNimbostratus
Mar 07, 2013

SSL handshake failure

Hello,   we're seeing a weird behaviour during SSL handshake where the client (on an Android mobile device) sends the ClientHello to the LB but the LB does not send back the ServerHello. We see th...
app sec
BIG-IP Access Policy Manager (APM)
security
W__Tout_99150's avatar
W__Tout_99150
Icon for Nimbostratus rankNimbostratus
Mar 13, 2013
so I tried disabling TLS1 as suggested. The "tmm" command output is as follows:

 

 

[root@suwmt2lb01:Active] tmp tmm --clientciphers '!SSLv2:ALL:!DH:!ADH:!EDH:!MD5:!EXPORT:!DES:@SPEED:!TLSv1'

 

ID SUITE BITS PROT METHOD CIPHER MAC KEYX

 

0: 5 RC4-SHA 128 SSL3 Native RC4 SHA RSA

 

1: 47 AES128-SHA 128 SSL3 Native AES SHA RSA

 

2: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA

 

3: 53 AES256-SHA 256 SSL3 Native AES SHA RSA

 

4: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA

 

5: 10 DES-CBC3-SHA 192 SSL3 Native DES SHA RSA

 

6: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA

 

 

The curious thing is that this did not seem to change anything as we were still observing the problem and even TLSv1 was still being used. Is that normal? Did I miss something?