Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
484
Views
0
Helpful
3
Replies

Cisco devices (RV082RV042, ...) & diffie-helman (firefox & safari)

thierrymasson
Level 1
Level 1

‎08-24-2015 03:22 AM

Hi,

 

I have reported to Cisco support that I can't access anymore to some Cisco devices (like RV082 routers) due to the diffie-helman weak.

Here a explaination (to bypass the issue) : https://support.mozilla.org/fr/questions/1071500

But is it not possible to bypass (or I don't know how) with safari (iPhone, iPad, ...and probably on Macbook, ...)

 

I have just spent my time to explain to Cisco support the fact that this issue concerning most devices, theys just reply to me I need to furnish a serial number with a proof of purchase. I gived to us 3 serials (because I have many Cisco products installed for many customers, but no luck 2 not anymore under warranty, and the lastest "NOT already in her database") and I think is it comprenhensible, I don't want to search in thousand of items/invoices to find one !

What's kind of services is it?

Are you (Cisco) taking care of customer ?

RV082 is not a high and professional product, but is it not also a home user product I think.

I think when a customer reported a issues who's concerning a large amount of product and thousand and thousand customers... they must be take in care.. NO ?

So, please Cisco do your job, and release all firmware of concerning devices ASAP !

 

An unhappy customer.

Labels:
0 Helpful
3 Replies 3

Peter Boerjesson
Level 1
Level 1

‎08-24-2015 05:17 AM

Use internet explorer?

0 Helpful

thierrymasson
Level 1
Level 1
In response to Peter Boerjesson

‎08-24-2015 05:34 AM

Of course...using some others navigators like IE is a temporary "workarround"... (as IE is less picky for SSL than Firefox or Safari).

But ... if Microsoft make an update too ! they will be not accessible anymore too...

And, this is not the issue....because it's a security flaw, and MUST be corrected by Cisco !

Also... sometime when I have no PC or laptop and I need to access some router I use my iPhone or i Pad. And this not possible anymore also !

0 Helpful

Peter Boerjesson
Level 1
Level 1
In response to thierrymasson

‎08-24-2015 05:45 AM

Not disagreeing with you, but like you said, the RV series is a bit of in between consumer grade product and an enterprise product. So not the core focus of patches might not be here in the first place but instead of the enterprise products. They do use weak cryptography in a lot of these things it's not a flaw in the sense that Cisco has done anything wrong from an implementation point of view, it's just that browser are pushing the demands for higher security settings. It's more of a compatibility issue than anything else, hence my comment, use Internet explorer. I don't see MS removing support for a long time. I think you still have at least 2 years "enabled by default support" for old crypto in IE, then probably a few more years of configuring to use old crypto. Basically I think the RV will be replaced before IE drops support.

All this said, I'd like Cisco to increase the cryptography for certificates as well, for now though, fiddle around with FF/Chrome in "about:config" or use IE. Workaround is what you're stuck with.

0 Helpful
Customers Also Viewed These Support Documents