Solved: DHE and ECDHE Cipher in cisco 5508 controller

KarthickRaja23 · ‎08-03-2020

Hi Team,

Please let me know which version of 5508 controller supports DHE and ECDHE ciphers for Secure web connection.

Leo Laohoo · ‎08-03-2020

Read Check Points for CC Mode Operation. It touches ECDHE.

I don't see any mention of ECDHE in 8.10.130.0 Release Notes.

View solution in original post

Leo Laohoo · ‎08-03-2020

9800 running 16.11.X.

KarthickRaja23 · ‎08-03-2020

Hi Leo,

Thanks for the response.

So it is not supported in 5508/ 5520 controller and supported only in 9800 controllers running 16.11.x. Kindly confirm

Leo Laohoo · ‎08-03-2020

Read Check Points for CC Mode Operation. It touches ECDHE.

I don't see any mention of ECDHE in 8.10.130.0 Release Notes.

Scott Fella · ‎08-03-2020

This is not documented anywhere, because I was looking for it last week prior to a pen test. You are better if either opening a case with TAC to ask that question or ask your Cisco rep to get that information from you. For us, it was more of what ciphers were marked as weak as you can disable which ciphers you want to not use. On the 9800’s you can, but you have a subset of cipher suites to choose from. Some of the DHE and ECDHE are also tagged as weak, so you need to know what “they” want disabled, not why are you not using these cipher suites.

-Scott
*** Please rate helpful posts ***

KarthickRaja23 · ‎08-03-2020

Thank you for your comments Scott.