Forum Discussion
Jerome_CARRIER
Nimbostratus
NimbostratusVPN DTLS
Hi DevCentral, I read that the performance when we use VPN (edge Client) can be improve if the DTLS is activated. Currently, we use only VPN through HTTPS. If I activate DTLS on the VPN profile...
Jerome_CARRIERNimbostratus
Nimbostratus
we have this configuration about the client-ssl profile.. is-it correct ?
Simon_Blakely
Employee
EmployeeLooks good to me:
# tmm --clientciphers '!SSLv3:!DHE:ECDHE:RSA+HIGH:!3DES'
ID SUITE BITS PROT CIPHER MAC KEYX
0: 49199 ECDHE-RSA-AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 ECDHE_RSA
1: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 AES SHA ECDHE_RSA
2: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 AES SHA ECDHE_RSA
3: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 AES SHA ECDHE_RSA
4: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 AES SHA256 ECDHE_RSA
5: 49200 ECDHE-RSA-AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 ECDHE_RSA
6: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 AES SHA ECDHE_RSA
7: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 AES SHA ECDHE_RSA
8: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 AES SHA ECDHE_RSA
9: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 AES SHA384 ECDHE_RSA
10: 52392 ECDHE-RSA-CHACHA20-POLY1305-SHA256 256 TLS1.2 CHACHA20-POLY1305 NULL ECDHE_RSA
11: 157 AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 RSA
12: 53 AES256-SHA 256 TLS1 AES SHA RSA
13: 53 AES256-SHA 256 TLS1.1 AES SHA RSA
14: 53 AES256-SHA 256 TLS1.2 AES SHA RSA
15: 53 AES256-SHA 256 DTLS1 AES SHA RSA
16: 61 AES256-SHA256 256 TLS1.2 AES SHA256 RSA
17: 132 CAMELLIA256-SHA 256 TLS1 CAMELLIA SHA RSA
18: 132 CAMELLIA256-SHA 256 TLS1.1 CAMELLIA SHA RSA
19: 132 CAMELLIA256-SHA 256 TLS1.2 CAMELLIA SHA RSAshows a DTLSv1 cipher.
