FWSM and SSL

Unanswered Question
May 22nd, 2007

How to configure the FWSM so that it only supports SSL 3.0 and not SSL 2.0 which has many security vulnerabilities.

I guess FWSM/PIX/ASA supports SSL/TLS.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Tue, 05/22/2007 - 22:39

Hi

As far as i know you can't do this on the FWSM. SSL v3.0 and SSL v2.0 will both use port 443 and that is the only control you have on the FWSM. There is no "fixup" specifically for HTTPS which means the FWSM does not have an any application aware code for the version of https being used.

Basicaly you need to ensure that you are not running v2.0 SSL on any of your servers if you are concerned with the security vulnerabilities.

HTH

Jon

Actions

This Discussion