06-07-2022 07:00 AM - edited 06-07-2022 07:10 AM
Hi all
Setting up AnyConnect from scratch on the Firepowers. Using the FMC.
How do I remove the old protocols like TLS 1.0 and TLS 1.1 from being used? I can't see that in the AnyConnect setup?
Is this done at the interface level?
Any help would be great.
06-07-2022 07:15 AM - edited 06-07-2022 07:16 AM
@old roo what version of FMC and FTD are you using? With 6.6 you can explicitly enable DTLS 1.2, which gives you better performance.
Example guide here to enable DTLS 1.2 and specify ciphers under Platform Settings:-
https://integratingit.wordpress.com/2021/01/28/secure-ftd-tls-ciphers/
06-07-2022 07:23 AM
Forgot to add that I am using 6.6.5.2
06-07-2022 07:31 AM
@old roo that's fine, the configuration example provided will work on 6.6.5.2.
06-07-2022 07:42 AM
Does changing the SSL settings in the article affect any other services on the platform, or just AnyConnect?
06-07-2022 07:49 AM
@old roo no just AnyConnect Remote Access VPN.