
SSL VPN users only connect on Protocol Encryption RC4 - why?

jamesgonzo
Level 1

Hi,

My Clientless SSL VPN users only connect to my ASA on RC4 protocol encryption. Is this OK? I want them to connect on AES 256 but they can't.

Actually 3DES-168 seems to work as well.

Thanks

4 Replies

a.alekseev
Level 7

By default rc4-sha1 takes precedence.

You can modify this behaviour with the command

"ssl encryption aes128-sha1 rc4-sha1 aes256-sha1 3des-sha1"

or use ASDM.

See the attachment.

Hi,

I tried that but I only ever connect at RC4-SHA1, even when I put it at the end.

Why is this please?

It would depend on your browser, wouldn't it?

Which one are you using?

Also, what do you have checked under Tools >> Internet Options >> Advanced (SSL 2.0 / SSL 3.0)?

Regards

Farrukh

I'm using IE7. Under those options I have SSL 3.0 and TLS 1.0 selected.

In the ASDM I have Server SSL version set to any and Client SSL version set to any.
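
The thread turns on two ordered lists: the one configured with "ssl encryption" and the one the browser offers. The following is an added example, not part of any reply above, that shows which cipher comes out under each selection policy and flags RC4 results. The client offers are constructed and hypothetical, and the code assumes nothing about which policy the ASA itself applies.

```python
"""Added illustration: choosing one cipher from two ordered lists."""

def negotiate(server_list, client_offer, honor_server_order=True):
    """Return the first mutually supported cipher, or None if none overlaps.

    honor_server_order=True walks the server's list; False walks the client's.
    """
    if honor_server_order:
        walk, other = server_list, client_offer
    else:
        walk, other = client_offer, server_list
    supported = set(other)
    return next((c for c in walk if c in supported), None)


def audit(server_list, client_offers, weak=("rc4-sha1",)):
    """Map (client, policy) -> (chosen cipher, is_weak) for every combination."""
    report = {}
    for name, offer in client_offers.items():
        for label, policy in (("server-order", True), ("client-order", False)):
            chosen = negotiate(server_list, offer, policy)
            report[(name, label)] = (chosen, chosen in weak)
    return report


# Server list exactly as given in the reply above.
SERVER = "aes128-sha1 rc4-sha1 aes256-sha1 3des-sha1".split()
# Same list with RC4 removed (the hardened variant).
SERVER_NO_RC4 = [c for c in SERVER if c != "rc4-sha1"]
# Constructed client offers, hypothetical; not captured from any real browser.
CLIENTS = {
    "no-aes-client": ["rc4-sha1", "3des-sha1"],
    "aes-client": ["rc4-sha1", "aes256-sha1", "aes128-sha1", "3des-sha1"],
}

if __name__ == "__main__":
    for title, srv in (("with rc4", SERVER), ("without rc4", SERVER_NO_RC4)):
        print(title)
        for key, (cipher, is_weak) in sorted(audit(srv, CLIENTS).items()):
            print(f"  {key[0]:14} {key[1]:13} -> {cipher}{'  (weak)' if is_weak else ''}")
```

With RC4 left out of the server list, neither constructed client can end up on RC4, whichever side's order decides.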