cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
178
Views
1
Helpful
1
Replies

IOS Client Supported TLS Versions

stevej3295
Level 1
Level 1

IOS XE client connection attempts to our LDAPS and RADSEC servers are attempting to initiate SSLv3 or TLSv1 connections and failing due to SSLv3 and TLSv1 being disabled in our environment.  We cannot enable SSLv3 and TLSv1 per policy.  Is there a way to configure the LDAPS and RADSEC clients to establish TLSv1.2 or TLSv1.3 connections in IOS XE?  I have searched for documentation on this issue and cannot find anything.

Cisco IOS XE Software, Version 17.12.01

1 Reply 1

@stevej3295 RADSEC if using DTLS uses 1.2 https://community.cisco.com/t5/networking-knowledge-base/configuring-radius-over-dtls-with-cat9k-and-ise-3-0/ta-p/4438427#toc-hId--239788900

I am not sure about LDAPS either. If you can secure RADIUS can you not use this instead of LDAPS?