cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
444
Views
0
Helpful
3
Replies

Turn off SSL on ASA possible?

whiteford
Level 1
Level 1

hi,

As far as I know I don't think I use SSL on my 5520 ASA, but how can I check?

The thing is I have run a Qualys security scan against our ASA's Outside interface and I get 2 SSL vulnerabilities back.

I can't work out how it's finding these and whether I can turn them off. It also says they are self assigned certificates and should be from a third part instead.

Thanks in advance for your help

1 Accepted Solution

Accepted Solutions

mark.j.hodge
Level 3
Level 3

Connect to your ASA command line, and see if there is a "webvpn" entry.

If so and you want to remove the capability remove the "enable outside" entry.

Another possibility is that you are running ASDM on the outside interface, check if there are any "http

outside" commands.

You should be able to check by directing a browser to the outside interface

View solution in original post

3 Replies 3

mark.j.hodge
Level 3
Level 3

Connect to your ASA command line, and see if there is a "webvpn" entry.

If so and you want to remove the capability remove the "enable outside" entry.

Another possibility is that you are running ASDM on the outside interface, check if there are any "http

outside" commands.

You should be able to check by directing a browser to the outside interface

You fixed it:

Quote

"Another possibility is that you are running ASDM on the outside interface, check if there are any "http

outside" commands."

alanajjar
Level 1
Level 1

Hi,

The self signed certificate is generated by the ASA to let some basic operation work, like ASDM access and ssh access. For outside certificate authentication, you need to use third party certificate.

regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: