TLS version 1.0 on Client side and TLS version 1.2 on Server side

As client side SSL and Server side SSL works independently for maintaining SSL session between client & F5 and between F5 and backend server respectively, so your requirement should work.

To configure SSL profiles, you need to disable and/or enable required TLS version under client and server ssl profiles under advance tab--> ciphers options list. here by selecting Cipher group and enable desired TLS versions under options list. If you are selecting Cipher Suits option, then you can define specific cipher suits under the provided field. e.g. DEFAULT:!TLSv1:!TLSv1_1 This is example of cipher suits for your reference. This given cipher suit will block TLS1.0 and TLS1.1 versions. You can even apply specific encryption, key parameters under cipher suit along with keyword used for blocking TLS versions.

Hope it helps!

Mayur Sutare

Just to add we are on BIG-IP version 15. We don't have SSL Orchestrator or SSL Forward Proxy license.

Hi Mayur,

Thanks very much for your response!

I followed your advice and on the serverssl profile I blocked TLS v1/1.1 with DEFAULT:!TLSv1:!TLSv1_1:!ECDHE_ECDSA , I added the exclude for ECDHE just to test if this was working.

I verified what ciphers this would include first:

[xxxxxxbigip] log # tmm --serverciphers 'DEFAULT:!TLSv1:!TLSv1_1:!ECDHE_ECDSA'

    ID SUITE              BITS PROT  CIPHER       MAC   KEYX

 0: 49199 ECDHE-RSA-AES128-GCM-SHA256   128 TLS1.2 AES-GCM       SHA256 ECDHE_RSA

 1: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1.2 AES         SHA   ECDHE_RSA

 2: 49191 ECDHE-RSA-AES128-SHA256     128 TLS1.2 AES         SHA256 ECDHE_RSA

 3: 49200 ECDHE-RSA-AES256-GCM-SHA384   256 TLS1.2 AES-GCM       SHA384 ECDHE_RSA

 4: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1.2 AES         SHA   ECDHE_RSA

 5: 49192 ECDHE-RSA-AES256-SHA384     256 TLS1.2 AES         SHA384 ECDHE_RSA

 6:  156 AES128-GCM-SHA256        128 TLS1.2 AES-GCM       SHA256 RSA

 7:  47 AES128-SHA            128 TLS1.2 AES         SHA   RSA

 8:  47 AES128-SHA            128 DTLS1 AES         SHA   RSA

 9:  60 AES128-SHA256          128 TLS1.2 AES         SHA256 RSA

10:  157 AES256-GCM-SHA384        256 TLS1.2 AES-GCM       SHA384 RSA

11:  53 AES256-SHA            256 TLS1.2 AES         SHA   RSA

12:  53 AES256-SHA            256 DTLS1 AES         SHA   RSA

13:  61 AES256-SHA256          256 TLS1.2 AES         SHA256 RSA

14:  65 CAMELLIA128-SHA         128 TLS1.2 CAMELLIA      SHA   RSA

15:  132 CAMELLIA256-SHA         256 TLS1.2 CAMELLIA      SHA   RSA

16:  158 DHE-RSA-AES128-GCM-SHA256    128 TLS1.2 AES-GCM       SHA256 EDH/RSA

17:  51 DHE-RSA-AES128-SHA        128 TLS1.2 AES         SHA   EDH/RSA

18:  51 DHE-RSA-AES128-SHA        128 DTLS1 AES         SHA   EDH/RSA

19:  103 DHE-RSA-AES128-SHA256      128 TLS1.2 AES         SHA256 EDH/RSA

20:  159 DHE-RSA-AES256-GCM-SHA384    256 TLS1.2 AES-GCM       SHA384 EDH/RSA

21:  57 DHE-RSA-AES256-SHA        256 TLS1.2 AES         SHA   EDH/RSA

22:  57 DHE-RSA-AES256-SHA        256 DTLS1 AES         SHA   EDH/RSA

23:  107 DHE-RSA-AES256-SHA256      256 TLS1.2 AES         SHA256 EDH/RSA

24:  69 DHE-RSA-CAMELLIA128-SHA     128 TLS1.2 CAMELLIA      SHA   EDH/RSA

25:  136 DHE-RSA-CAMELLIA256-SHA     256 TLS1.2 CAMELLIA      SHA   EDH/RSA

26: 4865 TLS13-AES128-GCM-SHA256     128 TLS1.3 AES-GCM       NULL  *

27: 4866 TLS13-AES256-GCM-SHA384     256 TLS1.3 AES-GCM       NULL  *

Then I've just done SSLDump and I see the following:

New TCP connection #1: x.x.x.x(50884) <-> x.x.x.x(443)

1 1 0.0023 (0.0023) C>SV3.3(199) Handshake

   ClientHello

    Version 3.3

    random[32]=

     5f 34 07 21 bb 19 13 72 4d bf 49 3f de e5 13 80

     dc 25 6e 09 85 2a ee 2f 68 73 96 1f 2f e4 c6 8e

    cipher suites

     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

     .............output ommitted.................

     TLS_RSA_WITH_AES_128_CBC_SHA

     TLS_RSA_WITH_3DES_EDE_CBC_SHA

    compression methods

         NULL

    extensions

     server_name

     status_request

     supported_groups

     ec_point_formats

     signature_algorithms

      signature_algorithms[18]=

xxxxxxxxxxxx*output omitted************

     SessionTicket

     application_layer_protocol_negotiation

     extended_master_secret

     Unknown extension (0x18)

     renegotiation_info

1 2 0.0032 (0.0009) S>CV3.3(91) Handshake

   ServerHello

    Version 3.3

    random[32]=

xxxxxxxxxxxx*output omitted************

    session_id[32]=

xxxxxxxxxxxx*output omitted************

    cipherSuite     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    compressionMethod          NULL

    extensions

     renegotiation_info

     ec_point_formats

     extended_master_secret

1 3 0.0032 (0.0000) S>CV3.3(956) Handshake

   Certificate

1 4 0.0032 (0.0000) S>CV3.3(333) Handshake

   ServerKeyExchange

    ServerKeyExchange[329]=

xxxxxxxxxxxx*output omitted************

1 5 0.0032 (0.0000) S>CV3.3(4) Handshake

   ServerHelloDone

1  0.0246 (0.0214) C>S TCP FIN

1  0.0247 (0.0000) S>C TCP FIN

Even though it's negotiating the right version (3.3) which I believe is TLS 1.2, according to my cipher list it shouldn't offer up ECDHE_ECDSA, which it does in the client hello. Then after the server hello there is just a TCP FIN from the client, so the handshake never completes.

I'll post a picture of the profile config

This is the serverssl profile config - on the ciphers section

On the clientssl profile, I've allowed a cipher suit of DEFAULT as this side can be TLS1 (from client to BIG-IP)