Translating Cipher Suites from Wireshark to BIG-IP

Many of us use Wireshark to capture and analyze network traffic. When it comes to SSL/TLS traffic, Wireshark does a great job of showing the cipher suites presented by the client and then the cipher ...

Updated Jun 06, 2023

Version 2.0

BIG-IP

security

ltwagnon

Ret. Employee

Joined May 15, 2019

View Profile

Piotr_Lewandow1

Nimbostratus

Sep 07, 2017

Hi John,

Nice extension to already great explanation from other article! I tried your trick with openssl ciphers –V DEFAULT but on 12.1.1.1.0.196 I am getting output like that:

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:....

What I am missing?

Piotr

Translating Cipher Suites from Wireshark to BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS