07-29-2013 02:05 AM - edited 02-21-2020 07:03 PM
Hello everyone,
I found the following statement in the Cisco ASA 5500 Series Configuration Guide using the CLI.
"Some clients may not support DHE, including AnyConnect 2.5 and 3.0, Cisco Secure Desktop, and Internet Explorer 9.0."
I wonder, did this change in AnyConnect 3.1? Does AnyConnect 3.1 support DHE on SSL connections?
Thanks and kind regards
07-29-2013 04:25 AM
We added DHE support in ASA 8.4.4 (AFAIR) 9.1.2, but it's still not in on Anyconnect even in 3.1, at least the internal enhancement request is not fulfilled.
If I may know, where is this quesiton coming from? We added Suite-B support to both AC and ASA (and IOS), I have not seen DHE mandated anywhere (granted I have limited visibility).
http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html#wp685480
10-29-2014 08:58 AM
What is the status of this support? Has DHE support been added to Anyconnect or not?
If not, is it on the roadmap to get fulfilled any time soon?
10-29-2014 09:16 AM
You might want to reach out to your SE for commitment/confirmation.
From what I know it going to end up with TLS 1.2 support in next big release (4.0?)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide