Hello,
We currently have about 12 of these 320c AP's on our network running the latest 6.0 firmware, these are managed thru FortiGate console on our firewall.
recently we got flagged with "SSH Weak MAC Algorithms Enabled" on a compliance scan.
While reading on the documentation it seems we have all configuration up to standard and I can't seem to clear this vulnerability.
/outdated SSH ciphers. all the 'fixes' that I found are to be applied on the firewall via the 'Config Sys Global' command,but doesn't seem to apply for the AP's.
Has anyone fixed this? and what did you had to do?
Thanks in advance.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
in your experience - is the only way to manage the allowed SSH algorithms that the AP's handle is from the FortiGate console?
Ivanr4g63 wrote:what's the problem with that?in your experience - is the only way to manage the allowed SSH algorithms that the AP's handle is from the FortiGate console?
After all, Fortigate is your WLL controller, it makes sense.
regards
/ Abel
abelio wrote:
what's the problem with that?
After all, Fortigate is your WLL controller, it makes sense.
Problem? There is no problem. Do you know how to make these changes so that the FortiAP's adjust the SSH Ciphers that are used?
I've tried comments such as below and similar posts, no help. any pointers greatly appreciated.
[link]https://forum.fortinet.com/tm.aspx?m=152796[/link]
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1690 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.