Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Turn off SSL on ASA possible?

hi,

As far as I know I don't think I use SSL on my 5520 ASA, but how can I check?

The thing is I have run a Qualys security scan against our ASA's Outside interface and I get 2 SSL vulnerabilities back.

I can't work out how it's finding these and whether I can turn them off. It also says they are self assigned certificates and should be from a third part instead.

Thanks in advance for your help

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Turn off SSL on ASA possible?

Connect to your ASA command line, and see if there is a "webvpn" entry.

If so and you want to remove the capability remove the "enable outside" entry.

Another possibility is that you are running ASDM on the outside interface, check if there are any "http

outside" commands.

You should be able to check by directing a browser to the outside interface

3 REPLIES

Re: Turn off SSL on ASA possible?

Connect to your ASA command line, and see if there is a "webvpn" entry.

If so and you want to remove the capability remove the "enable outside" entry.

Another possibility is that you are running ASDM on the outside interface, check if there are any "http

outside" commands.

You should be able to check by directing a browser to the outside interface

New Member

Re: Turn off SSL on ASA possible?

You fixed it:

Quote

"Another possibility is that you are running ASDM on the outside interface, check if there are any "http

outside" commands."

New Member

Re: Turn off SSL on ASA possible?

Hi,

The self signed certificate is generated by the ASA to let some basic operation work, like ASDM access and ssh access. For outside certificate authentication, you need to use third party certificate.

regards

232
Views
0
Helpful
3
Replies
CreatePlease to create content