Invalid cipher DEFAULT:!EDH-RSA-DES-CBC3-SHA

Question

getting invalid error when trying to add cipher DEFAULT:!EDH-RSA-DES-CBC3-SHA. 
Profile disallows SSLv2, SSLv2, TLS1.2 running OS 11.6.0 HF6...any idea what it wont take.&nbsp;

stephane_viau · Answer

Try DEFAULT:!ECDHE-RSA-DES-CBC3-SHA&nbsp;
You can SSH into your Big-IP and see the list of ciphers contained in the DEFAULT suite, based on your firmware version : &nbsp;
tmm --clientciphers DEFAULT&nbsp;

root44 · Answer

Can you try this?&nbsp;
To accept - DEFAULT:EDH:RSA:DES:CBC3:SHA&nbsp;
To reject - !SSLv2:!SSLv1:!TLS1_2&nbsp;
Not sure I understood your question correctly but you can try above things.&nbsp;

Forum Discussion

Invalid cipher DEFAULT:!EDH-RSA-DES-CBC3-SHA

2 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

Cipher Suite Practices and Pitfalls

Disabling Weak Ciphers

Cipher Suites Supported (12.1.5.3)

LTM Cipher rule

Access Logs - Invalid Tenant