cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

ISE 1.1 - Disable SSLv3 Guest Portal

joshhunter
Enthusiast
Enthusiast

Hello, are we able to disable SSLv3 protocol for Guest Portal in ISE1.1?

The customer is running 1.1 but upgrading to 1.4 shortly.

I have had a look at the documentation located here:

https://communities.cisco.com/docs/DOC-69521#jive_content_id_Web_Portals

My understanding that SSLv3 is deprecated, and should be using TLS1.0+

From reading the document linked above:

ISE 1.2 supports TLS 1.0, 1.1 and 1.2

ISE 1.3 and 1.4 support TLS 1.0 only

ISE 2.1 supports TLS 1.0, 1.1 and 1.2

Could you please confirm if SSLv3 can be disabled or the customer must upgrade to 1.2+ which supports the successor TLS1.0

1 ACCEPTED SOLUTION

Accepted Solutions

Hi,

ISE 1.4 is latest support for custoemrs with  ISE-3315, ISE-3355 and ISE3395, after that version 2.x requres Appliances to be SNS-34xx

http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/release_notes/ise14_rn.html#pgfId-42971

View solution in original post

6 REPLIES 6

hslai
Cisco Employee
Cisco Employee

The ISE 1.2 entry should be for ISE 2.0. IIRC ISE 1.2 support SSLv3.

Nonetheless, both ISE 1.1 and 1.2 are very old so please upgrade the customer to ISE 2.0.1 or newer.

A large quantity of our customer's are on the old Appliance so only 1.4 is the latest until they upgrade hardware or move to VM.

Hi,

ISE 1.4 is latest support for custoemrs with  ISE-3315, ISE-3355 and ISE3395, after that version 2.x requres Appliances to be SNS-34xx

http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/release_notes/ise14_rn.html#pgfId-42971

You are correct.

Okay, so I guess my question is -

Does ISE 1.4 remove SSLv3 support i.e. rather than Poodle Patch, disable completely for Portal Pages specifically Guest.

Yes, all web portals, including guest, in ISE 1.3 and 1.4.x support TLS 1.0 only.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: