TLS 1.2 Implementation

vyas.2020 · ‎08-26-2021

I have some point raised by audit team. I am having cisco 2811 router and recommanded below point to implement.

Model : CISCO2811

IOS : c2800nm-advsecurityk9-mz.124-20.T2.bin

'It is recommended to:
- Disable SSLv2 and SSLv3
- Use TLS 1.2 or 1.3 with strong cipher suits

I have googled a lot but not find any solution which I can understand.

Leo Laohoo · ‎08-26-2021

@vyas.2020 wrote:

c2800nm-advsecurityk9-mz.124-20.T2.bin

'It is recommended to:
- Disable SSLv2 and SSLv3
- Use TLS 1.2 or 1.3 with strong cipher suits

IOS version 12.2(20)T2? TLS 1.2 or 1.3?
Tell the Audit Team it is possible if someone is going to pony up a wad of cash.

TLS 1.2 support starts with ISR G2. ISR G1, including 2800, will not support TLS 1.2.

TLS 1.2 Compatibility Matrix for Cisco Collaboration Products

marce1000 · ‎08-27-2021

- Not possible , the only thing you can do is use sufficient recent software release(s) , and check if these security-items have been improved.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '