Technical Tip: SSL Error(267) - wrong version number is seen frequently in the log with FortiWeb 5.3
Description
Since FortiWeb 5.3 the following error message may been seen in the log:
SSL Error(267) - wrong version number
This error is caused by a browser accessing the FortiWeb VIP using an unsupported SSL version.
In 5.3, FortiWeb can support SSLv3.0/TLS1.0/TLS1.1/TLS1.2 but certain deployments have chosen to disable SSLv3.0 due to POODLE to attack, CVE-2014-3566 and CVE-2014-8730.
A browser using SSLv3.0 and accessing a FortiWeb HTTPS policy, where SSLv3.0 has been disabled, can provoke this error to appear in the log.
SSL Error(267) - wrong version number
This error is caused by a browser accessing the FortiWeb VIP using an unsupported SSL version.
In 5.3, FortiWeb can support SSLv3.0/TLS1.0/TLS1.1/TLS1.2 but certain deployments have chosen to disable SSLv3.0 due to POODLE to attack, CVE-2014-3566 and CVE-2014-8730.
A browser using SSLv3.0 and accessing a FortiWeb HTTPS policy, where SSLv3.0 has been disabled, can provoke this error to appear in the log.