Forum Discussion

Karthik_Kumaran's avatar
Karthik_Kumaran
Icon for Nimbostratus rankNimbostratus
Apr 08, 2015

cipher suite in Big-IP equivalent to RSA_WITH_AES_256_CBC_SHA in Cisco ACE

We are using a cipher suite as RSA_WITH_AES_256_CBC_SHA in our current cisco ACE setup. What is the equivalent cipher suite name i will have to use in the client-ssl profile configuration?

 

4 Replies

  • Thanks. Another clarification. If i do a !RC4-SHA in the Cipher suite setting, does it disable all combinations of cipher suites containing RC4 and SHA separately, or just disables RC4-SHA ??? For instance does 'DHE-RSA-AES128-SHA' get disabled by using !RC4-SHA??

     

  • Karthik you can check what being used by running the following command from CLI:

    tmm --clientciphers 
    tmm --serverciphers 
    example:
    
    tmm --clientciphers 'DEFAULT:!RC4-SHA'
    
  • I can tell you in the case of "RC4-SHA" only the RC4 stream cipher is disabled. DevBabu is right though, you should validate the output of your string with tmm.

     

    KHarsma