cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1018
Views
0
Helpful
4
Replies

SSL VPN users only conenct on Protocol Encryption RC4 - why?

jamesgonzo
Level 1
Level 1

Hi,

My Clientless SSL VPN users only connect to my ASA on RC4 protocol encryption, is this ok? I want them to connect on AES 256 but they can't.

Actually 3DES-168 seems to work as well.

Thanks

4 Replies 4

a.alekseev
Level 7
Level 7

by default rc4-sha1 takes precedence

you can modify this behaviour by the command

"ssl encryption aes128-sha1 rc4-sha1 aes256-sha1 3des-sha1"

or use asdm

see the attachment

Hi,

I tried that but I only ever conenct at RC4-Sha1, even when I put it at the end.

Why is this please?

It would depend on your browser, wouldn't it?

Which one are you using?

Also what do you have checked under Tools >> Internet Options >> Advanced (SSL 2.0 / SSL 3.0 ?)

Regards

Farrukh

I'm using IE7, under those options I have SSL 3.0, TSL 1.0 selected.

In the ASDM I have Server SSL verion set to any and Client SSL version set to any.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: