tmm --serverciphers DEFAULT.
Im getting this output on a v11 and a v10 box. Im trying to determine what would the "actual" stack list the server profile would give to an endpoint (server)? The reason for the question is because Im having a difficult server guy tell me that they are getting lower end ciphers instead of the highest first with 11.5.3. Of course, they will not change anything on their side so Im trying to workaround their limitations by modifying a serverssl profile on the LTM. If anyone has a magic F5 document that they can point me to that specifically says this is the stack list... that would be great. I did see SOL13163 11.5.3 and this one SOL13156.
Does it go by unit id first or (as in the far left number)? Because its a bit different in v11 vs v10.
[root@11.5.3-ltm:Active:In Sync] ~ tmm --serverciphers 'DEFAULT'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA
1: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
2: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA
3: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
4: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
5: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA
6: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
7: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA
8: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
9: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
10: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
11: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA
12: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
13: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
14: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
15: 5 RC4-SHA 128 TLS1.1 Native RC4 SHA RSA
16: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
17: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDHE_RSA
18: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
19: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
20: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
21: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 Native AES SHA256 ECDHE_RSA
22: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 Native AES SHA ECDHE_RSA
23: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 Native AES SHA ECDHE_RSA
24: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 Native AES SHA ECDHE_RSA
25: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1 Native DES SHA ECDHE_RSA
26: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.1 Native DES SHA ECDHE_RSA
27: 49170 ECDHE-RSA-DES-CBC3-SHA 192 TLS1.2 Native DES SHA ECDHE_RSA
[root@v10.2.4-ltm:Active] convert tmm --serverciphers DEFAULT
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 5 RC4-SHA 128 SSL3 Native RC4 SHA RSA
1: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
2: 5 RC4-SHA 128 TLS1.2 Native RC4 SHA RSA
3: 47 AES128-SHA 128 SSL3 Native AES SHA RSA
4: 47 AES128-SHA 128 TLS1 Native AES SHA RSA
5: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA
6: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA
7: 53 AES256-SHA 256 SSL3 Native AES SHA RSA
8: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
9: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA
10: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA
11: 10 DES-CBC3-SHA 192 SSL3 Native DES SHA RSA
12: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA
13: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA
14: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
15: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA
16: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA