
Support for DHE on SSL in AnyConnect 3.1?

Sleepw4lker
Level 1

Hello everyone,

I found the following statement in the Cisco ASA 5500 Series Configuration Guide using the CLI.

"Some clients may not support DHE, including AnyConnect 2.5 and 3.0, Cisco Secure Desktop, and Internet Explorer 9.0."

I wonder, did this change in AnyConnect 3.1? Does AnyConnect 3.1 support DHE on SSL connections?

Thanks and kind regards

3 Replies

Marcin Latosiewicz
Cisco Employee

We added DHE support in ASA 8.4.4 (AFAIR) 9.1.2, but it's still not in AnyConnect even in 3.1, at least the internal enhancement request is not fulfilled.

If I may know, where is this question coming from? We added Suite-B support to both AC and ASA (and IOS), I have not seen DHE mandated anywhere (granted I have limited visibility).

http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html#wp685480

What is the status of this support? Has DHE support been added to AnyConnect or not?

If not, is it on the roadmap to get fulfilled any time soon?

 

You might want to reach out to your SE for commitment/confirmation. 

From what I know it's going to end up with TLS 1.2 support in the next big release (4.0?)