Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ramesh_M
New Contributor

Need to block SSL version 3

Hi Team,

 

Kindly help me to block sslv3 in FortiOS 5.

 

Regards / Ramesh M

Ramesh M Technical Specialist - CCNA(Security), FCNSP, ACE, ASE, ITIL blogs.itzecuriry.in

Ramesh M Technical Specialist - CCNA(Security), FCNSP, ACE, ASE, ITIL blogs.itzecuriry.in
25 REPLIES 25
b_row
New Contributor

Paul, Yes, but in this case with windows XP FortiClient SSLVPN  only work with SSL2, SSL3 or TLS 1.0; Follow windows 7 supported screen without these options in active FortiClient SSLVPN connects not using TLS 1.1 and 1.2; Hope this helps

emnoc
Esteemed Contributor III

I just notice you said "Windows XP". Why are you using an outdated unsupported OS? I doubt  FTNT will lift a finger trying to make this work and support newer support  SSL protocols . Just move to something supported and get away from  XP imho.

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
emnoc
Esteemed Contributor III

Q:

So if  FC is dependent on the IE browser settings, what happens if your remove the IE browser component?

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
jaustgen
New Contributor

I don't know.

Paul_S

emnoc wrote:

Q:

So if  FC is dependent on the IE browser settings, what happens if your remove the IE browser component?

 

IE only lets you control the major SSL/TLS options. to control SSL/TLS with or without IE, you must use the registry.

 

How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll [link]https://support.microsoft.com/en-us/kb/245030[/link]

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x                   [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5  |  Fortimail 5.3.11 Network+, Security+

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5 | Fortimail 5.3.11 Network+, Security+
Ameer
New Contributor

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors