Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
702
Views
0
Helpful
1
Replies

Cisco ASA 5512X - SSL Server Settings

jtracey81
Level 1
Level 1

‎12-23-2019 12:42 PM - edited ‎02-21-2020 09:49 PM

To alleviate a couple of found security issues with our ASA 5512X, I am looking at changing the SSL settings for the device.

Currently, it is set to a Custom / TLS1 for both server and client.

If I configure this to be a HIGH/TLS1.2 for the server configuration (or any different configuration), will this affect my site to site VPNs that I have at my location?  If my users are using the 4.7.xxxx AnyConnect mobility client, there should be no problems with them still connecting?

 

Thanks in advance!

Labels:
0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎12-23-2019 12:49 PM

Hi,
Site-to-Site VPNs use IPSec and not TLS, so there should be no impact. You should probably be ok for remote access users, assuming that they are not connecting from really old operating systems that do not support TLS1.2 and newer ciphers.

HTH
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents