Forum Discussion

Nimbostratus

Nov 05, 2015

SSLv3 vs TLS 1.2 discrimination with irule

Hello All might F5 gurus! We are going to switch to TLS 1.2 in all of our F5 VIPs, but we want to place some sort of message for some months to any customer that still uses SSLv3, instead of showin...

Nimbostratus

Nov 05, 2015

I tried DEFAULT

and also DEFAULT:@STRENGTH

Neither of the above strings worked.I've tried other websites directly with only TLS 1.1 enabled and it worked fine.

Fabian

nathe
Cirrocumulus
Nov 05, 2015
My suggestion would be to start looking at an ssldump to see what ciphers the client is presenting. You can then cross reference the ciphers the f5 is presenting by running the tmm --clientciphers command (with your cipher strong).
cjunior
Nacreous
Nov 06, 2015
Is your backend connection encrypted? your backend server supports TLSv1.1? run this command in ssh: openssl s_client -connect : -tls1_1 , it works?

Forum Discussion

SSLv3 vs TLS 1.2 discrimination with irule

Recent Discussions

Portal Access to HTTPS resources slow

HOW TO HIRE A HACKER TO RECOVER STOLEN BITCOIN. CONTACT FASTFUND RECOVERY

Big-IP Next 20.2.0-2.375.1+0.0.43 iRule count problem

rewrite Azure AD response for portal access via web portal

Azure SAML - F5 APM

Related Content

iRule to stop SSLv3 connections

CVE-2014-3566: Removing SSLv3 from BIG-IP

SSLv3 POODLE mitigation recommendations

How much of my traffic is still SSLv3?

Hey ChatGPT, can you write iRules?