https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371827#M309341 <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Hi </P><P></P><P>Recently we had issue in Microsoft Office communicator, users were not able to share their desktops however the ports are enabled. A microsoft has said that this Cipher suit is normally blocked in firewall and we have to enable it ( TLS_DH_anon_WITH_RC4_128_MD5 ).</P><P></P><P>Please provide the command to do so.</P><P></P><P>We are running ASA asa902-smp-k8.bin</P> Tue, 12 Mar 2019 03:01:53 GMT Hemakumar Sampath 2019-03-12T03:01:53Z https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371827#M309341 <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Hi </P><P></P><P>Recently we had issue in Microsoft Office communicator, users were not able to share their desktops however the ports are enabled. A microsoft has said that this Cipher suit is normally blocked in firewall and we have to enable it ( TLS_DH_anon_WITH_RC4_128_MD5 ).</P><P></P><P>Please provide the command to do so.</P><P></P><P>We are running ASA asa902-smp-k8.bin</P> Tue, 12 Mar 2019 03:01:53 GMT https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371827#M309341 Hemakumar Sampath 2019-03-12T03:01:53Z https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371828#M309342 <HTML><HEAD></HEAD><BODY><P>If you are actually doing this from one interface to another you should see what the ASA is dropping and in that case enable logs at debugging level through ASDM and or CLI and filter our the IP address that is generating the traffic.</P><P></P><P>If you need assistance on this please let me know.</P></BODY></HTML> Fri, 08 Nov 2013 05:25:08 GMT https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371828#M309342 jumora 2013-11-08T05:25:08Z https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371829#M309344 <HTML><HEAD></HEAD><BODY><H2 style="padding: 4px 0px 11px; font-family: Arial, Helvetica, sans-serif; font-size: 26px; line-height: 1em; color: #444444; border-bottom-width: 1px; border-bottom-style: solid; border-bottom-color: #cccccc; font-weight: normal; width: 940px;">ASA 8.2: Configure Syslog using ASDM</H2><P></P><P></P><P></P><P></P><P><A href="http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b83d04.shtml">http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b83d04.shtml</A></P></BODY></HTML> Fri, 08 Nov 2013 05:31:51 GMT https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371829#M309344 jumora 2013-11-08T05:31:51Z https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371830#M309345 <P>The ASA won't block any cypher suite unless its specifically configured to terminate the TLS/SSL session,.</P><P>At a guess its probably being directed to a server that does not support that cipher suite.</P> Tue, 21 Oct 2014 13:24:49 GMT https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/2371830#M309345 cisco.met.co.uk 2014-10-21T13:24:49Z https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/3380281#M309346 Are yours users behind a proxy? <BR /><BR />peter<BR /> Tue, 08 May 2018 18:59:23 GMT https://community.cisco.com/t5/network-security/need-to-allow-tls-dh-anon-with-rc4-128-md5-in-asa-what-is-the/m-p/3380281#M309346 pepiscop 2018-05-08T18:59:23Z