Forgive me but I'm pretty green when it comes to these F5's. We have an F5 LTM that is load balancing our internal and external email. We just had a pen test done and they saw TLS1 and 1.1 open from the external IPs.
Pretty simple setup, external email hits our mail URL, it gets NAT'd to internal IP of the F5 virtual server then that goes to our pools. Virtual server is using client ssl profile and I'm assuming that is where this TLS is showing up.
What I need to know is how to find (cli command as we have many virtual servers) what virtual servers are using this specific SSL Profile so I can make sure the external is the only one before I make any changes to the profile.
The current SSL profile option is set with just No_TLSv1.3, wouldn't that mean it's using everything else BUT 1.3? I would want to put v1 and v1.1 in there instead right?
Thanks for the help!