Hi Albert,

In addition, 

ACS 5.8 support both TLS 1.0 and 1.1. P4 support 1.2 as well.

-The  default is TLS 1.1 and 1.2 is enabled.

-If you want to have TLS 1.0  support (for legacy devices) , then, you can enable 1.0 *in addition* to 1.1/1.2. Enabling 1.0, will not disable 1.1/1.2.

Additionally in ACS configuration,  we provide an option to enable/disable SAH1 cipher irrespective of TLS version selection.

We have documented this in Release Note.  http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-8/release/notes/acs_58_rn.html#pgfId-453813

Regards

Gagan

PS:  rate it as correct if it helps!!!

Hi Albert,

Let me know if you still have any further concerns.

Regards

Gagan

PS: Please rate as correct if it helps!!!!

I have upgraded to ACS 5.8patch 4 and patch 6. I running 802.1x with no luck. the error message is "EAP is misconfigured on the ACS server or Network devices"

Able to resolve 802.1x issue.

Windows 10 enterprise implemented Credential Guard broke PEAP-EAP-MSCHAPv2.

Need to move to EAP-TLS (Certificate) or disable Credential Guard.

Hi

I would like to know if TLS 1.2 is not supported with ACS 5.7.

Thanks,

Cleitom Avelino

ACS5.7 = no

ACS5.8 patch 4+ = YES

Hi Gagan,

In 5.8 Patch 4 can TLS 1.1 be disabled.

Thanks

Barry

Hi,

Is there a possibility to disable SSL 2.0 & 3.0 & enable TLS 1.2 in following devices