Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JhonRay
New Contributor

CBC ciphers for VPN portal

Dears,

 

I got this report from security assesment department,

 

Obsoleted CBC ciphers (AES, ARIA etc.) offered

 

CBC cipher.jpg

The VPN fortinet hardware 1500d

Could you please help me?

788888
788888
2 REPLIES 2
funkylicious
Contributor III

geek
ede_pfau
Esteemed Contributor III

You can get rid of some obsolete algorithms in CLI like this:

config vpn ssl settings
    set banned-cipher "AES" "3DES" "CAMELLIA" "SHA1" "STATIC"
end

Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors