Forum Discussion

lmediavilla's avatar
lmediavilla
Icon for Nimbostratus rankNimbostratus
Jan 24, 2023

LTM Cipher rule

Hello: I've been asked to allow just some security protocols but I think there is not any manual way to just select these. I've tried creating a cipher rule or trying to select using the cipher gro...
  • CA_Valli's avatar
    CA_Valli
    Jan 25, 2023

    So, I ran this string :

     

    ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256

     

     

    This should be exactly what you need (BIG-IP 15.1.5.1) as there is 3 repetitions in ur list (49199 49200 and 52392 are all mentioned twice) 

     

    You can either use a rule + group now (which might be better if u want to recall in multiple profiles)

     

    or just paste the string in your profile (maybe you can do a "template" profile object with this setting and other basic stuff that you can refer as "parent" for creating all of your other objects) 

     

     

    This should be all,
    regards
    CA