AltostratusHello Folks,
I want to use a custom set of ciphers in my ClientSSL Profile. I have gone through the document of F5, how can disallow ciphers by putting
!However I have a requirement that I need to use only 2 cipher suites such as
AES128-SHA256 & AES256-SHA256Any help is appreciated.
Cheers! Darshan
Employeee.g.
[root@ve11a:Active:In Sync] tmp tmm --clientcipher aes128-sha256:aes256-sha256:@strength
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
1: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA
Nacreousor from GUI
Local Traffic ›› Profiles >> SSL >> Client >> Profile_Name (advance mode)>> Ciphers
aes256-sha256:aes128-sha256
system will promt ciphers in order to input string at first aes256 then aes128
NacreousAltostratusWould this disable other ciphers suites from being used?
AltostratusAlso, will it be any downfall?
CirrostratusIf implemented, LTM will only Do SSL handshake with these ciphers,
AltostratusThank you all! Much much appreciated!!
AltostratusThank you all! It worked exactly as expected.
For internal test, I have used wireshark and verified the server side cipher suite.
For external test, as suggested above, sslabs is always helpful.
Thank you again,