FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
msingh_FTNT
Staff
Staff

Description
The 3DES and SHA1 ciphers have been removed from the strong cipher list in FortiOS v7.0.0.
This is preventing some FortiAP and older FortiAP images using weaker ciphers from connecting to the FortiGate.

This article describes how to fix this issue.

 

Scope
FortiGate


Solution
To workaround this issue, it is required to enter the following commands on the FortiGate:

 

# config system global
    set ssl-static-key-ciphers enable
    set strong-crypto disable
end

 

Note.
Once the configuration change has been made it is required to restart the acd demon.

 

# execute wireless-controller restart-acd

 

Contributors