Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
m_raza
New Contributor

Upgrade SSH and SSL version

I need to do some modification on my Fortigate firewall 200D and for this I need some help. I am using SSH V1 and now i need to change it to SSH V2 and i also need to upgrade SSL V1 to higher one and increase encryption ciphers with a key length of at least 128 bits.

2 REPLIES 2
anil_nayak_FTNT

1.  to change it to SSH V2. -->Please configure the following , Supported SSH protocol versions, ciphers, and bit strengths include SSH version 2 with AES-128, 3DES, Blowfish, and SHA-1 config system global set admin-ssh-v1 disable <--- end 

 

2. to upgrade SSL V1 to higher one and encryption ciphers with a key length of at least 128 bits

 

config system global set strong-crypto enable <-------- end 

 

http://kb.fortinet.com/kb/microsites/search.docmd=displayKC&docType=kc&externalId=FD36913&sliceId=1&...

Regards Anil 

emnoc
Esteemed Contributor III

Also don't forget  sslvpn settings

 

config vpn ssl setting

 

  set algorithm high

  set sslv3 disable

  set sslv2  disable

 

end

 

PCNSE 

NSE 

StrongSwan