How to enable "Secure Web Mode SSL Protocol" on wlc 9800
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-08-2023 01:23 AM
This "config network secureweb cipher-option high enable" command is enable HTTPS on WLC version 8.5.x but i don't know about this commands in WLC 9800
I found a security vulnerability follow detail on below.
- TLS/SSL Weak Message Authentication Code Cipher Suites
- TLS/SSL Server Supports The Use of Static Key Ciphers
- TLS Server Supports TLS version 1.1
- TLS/SSL Server Does Not Support Any Strong Cipher Algorithms
So i need to fix this issue if not upgrade versions. I tried to figure out the details. but not found.
BR.
- Labels:
-
Catalyst Wireless Controllers
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-08-2023 01:47 AM - edited 03-08-2023 04:51 AM
- Have a look at this document https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-6/configuration_guide/sec/b_176_sec_9600_cg/configuring_secure_socket_layer_http.html , I mention it because it refers to IOS-XE which is also used on the 9800 platform , especially look into ip http secure-ciphersuite ?
And the subsequent options shown (e.g.) , sorry for font switch , not intended ,
Use this command to check result of config changes on the
controller before or adding ciphers e.g :
nmap --script ssl-enum-ciphers -p 443 wlc9800
You can configure
ip http tls-version TLSv1.3
in the controller configuration (disables TLSv1.1 and 1.2)
M
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
