Solved: Re: Anyconnect - setup remove old protocols

old roo · ‎06-07-2022

Hi all

Setting up Anyconnect from scratch on the firepowers. Using the FMC.

How do i remove the old protocols like TLS1.0 and TLS 1.1 from being used. I cant see that in the anyconnect setup ?

Is this done at the interface level ?

Any help would be great.

Rob Ingram · ‎06-07-2022

@old roo what version of FMC and FTD are you using? With 6.6 you can explictly enable DTLS 1.2, which gives you better performance.

Example guide here to enable DTLS 1.2 and specify ciphers under Platform Settings:-

MHM Cisco World · ‎06-07-2022

Rob Ingram · ‎06-07-2022

@old roo what version of FMC and FTD are you using? With 6.6 you can explictly enable DTLS 1.2, which gives you better performance.

Example guide here to enable DTLS 1.2 and specify ciphers under Platform Settings:-

old roo · ‎06-07-2022

Forgot to add that am using 6.6.5.2

Rob Ingram · ‎06-07-2022

@old roo that's fine, the configuration example provided will work on 6.6.5.2.

old roo · ‎06-07-2022

Does changing the SSL settings in article affect any other services on the platform ? or just Anyconnect ?

Rob Ingram · ‎06-07-2022

@old roo no just AnyConnect Remote Access VPN.