Fortigate Vulnerabilities Remediation

Forum|Forum|6 years ago
June 28, 2019
1 reply
2620 views

Greetings,

We have a customer who wishes us to disable SSLv3 and enable TLS on their FortiGate VM64 firewall. They also want us to reconfigure the SSLVPN to no longer use the EDH-RSA-DES-CBC3-SHA and DES-CBC3-SHA cipher suites. Is this possible? If so, how can one achieve this?

Thanks,

-Nick

hubertzw

New Member

Hi

config vpn ssl settings
    set sslv3   {enable | disable}   sslv3
    set tlsv1-0 {enable | disable}   Enable/disable TLSv1.0.
    set tlsv1-1 {enable | disable}   Enable/disable TLSv1.1.
    set tlsv1-2 {enable | disable}   Enable/disable TLSv1.2.

More details here: https://kb.fortinet.com/k....do?externalID=FD43679

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded