Forum Discussion

Nimbostratus

Nov 05, 2015

SSLv3 vs TLS 1.2 discrimination with irule

Hello All might F5 gurus! We are going to switch to TLS 1.2 in all of our F5 VIPs, but we want to place some sort of message for some months to any customer that still uses SSLv3, instead of showin...

Nimbostratus

Nov 05, 2015

I tried DEFAULT

and also DEFAULT:@STRENGTH

Neither of the above strings worked.I've tried other websites directly with only TLS 1.1 enabled and it worked fine.

Fabian

nathe

Cirrocumulus

Nov 05, 2015

My suggestion would be to start looking at an ssldump to see what ciphers the client is presenting. You can then cross reference the ciphers the f5 is presenting by running the tmm --clientciphers command (with your cipher strong).

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSLv3 vs TLS 1.2 discrimination with irule

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

iRule to stop SSLv3 connections

CVE-2014-3566: Removing SSLv3 from BIG-IP

SSLv3 POODLE mitigation recommendations

How much of my traffic is still SSLv3?

iRules Style Guide

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS