FortiAP 320c - Weak SSH MAC algorithms enabled

Forum|Forum|7 years ago
March 27, 2019
1 reply
3994 views

Hello,

We currently have about 12 of these 320c AP's on our network running the latest 6.0 firmware, these are managed thru FortiGate console on our firewall.

recently we got flagged with "SSH Weak MAC Algorithms Enabled" on a compliance scan.

While reading on the documentation it seems we have all configuration up to standard and I can't seem to clear this vulnerability.

/outdated SSH ciphers. all the 'fixes' that I found are to be applied on the firewall via the 'Config Sys Global' command,but doesn't seem to apply for the AP's.

Has anyone fixed this? and what did you had to do?

Thanks in advance.

Ivanr4g63Author

New Member

in your experience - is the only way to manage the allowed SSH algorithms that the AP's handle is from the FortiGate console?

abelio

SuperUser

Ivanr4g63 wrote:
in your experience - is the only way to manage the allowed SSH algorithms that the AP's handle is from the FortiGate console?

what's the problem with that?

After all, Fortigate is your WLL controller, it makes sense.

Ivanr4g63Author

New Member

abelio wrote:

what's the problem with that?
After all, Fortigate is your WLL controller, it makes sense.

Problem? There is no problem. Do you know how to make these changes so that the FortiAP's adjust the SSH Ciphers that are used?

I've tried comments such as below and similar posts, no help. any pointers greatly appreciated.

[link]https://forum.fortinet.com/tm.aspx?m=152796[/link]

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded