I'm not sure what else you have configured in your cipher string, or in the clientssl profile. Probably another option takes priority (i.e sort by bit strength or speed?). Regardless, this option alone clearly works as intended (using BigIP v11.5.4 in this sample)
tmm --clientciphers 'DEFAULT:+TLSv1'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
1: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA
2: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
3: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
4: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA
5: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA
6: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
7: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
8: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA
9: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
10: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
11: 5 RC4-SHA 128 TLS1.1 Native RC4 SHA RSA
12: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
13: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
14: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
15: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
16: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
17: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA
18: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA
19: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA
20: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSA
21: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
22: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
23: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
24: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
25: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
26: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA
27: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA
Nimbostratus
