VPN: Site to Site and Remote Access Can someone explain why SSL v3 is shown?

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 2 subscribers
Views 1645 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can someone explain why SSL v3 is shown?

dark moon over 8 years ago

My SSL Vpn works fine, but i would like to know why SSLv3 is shown in the logfile once connected.

Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA

Is there anyway to "harden" the connection to disable SSLv3 and possibly TLS 1.0 too, so that is never used at all?

This thread was automatically locked due to age.

Parents

0 dark moon over 8 years ago
It would appear the latest Sophos XG update has this disabled this by default. So lets hope Sophos do the same for the OpenVPN SSL Client.

NC-8116 [Framework(UI)] Disable TLS1.0 and TLS1.1 support for Webadmin and Userportal
Regards Simon

Sophos XG 17.5.1 MR-1 | Dell 7010 | Intel(R) Core(TM) i5-3550 CPU @ 3.70GHz | 8GB Memory
Samsung EVO 850 120GB SDD | 1x Intel 82574L / 2x 82571EB Gigabit Ethernet Controller (rev 06)
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 dark moon over 8 years ago
It would appear the latest Sophos XG update has this disabled this by default. So lets hope Sophos do the same for the OpenVPN SSL Client.

NC-8116 [Framework(UI)] Disable TLS1.0 and TLS1.1 support for Webadmin and Userportal
Regards Simon

Sophos XG 17.5.1 MR-1 | Dell 7010 | Intel(R) Core(TM) i5-3550 CPU @ 3.70GHz | 8GB Memory
Samsung EVO 850 120GB SDD | 1x Intel 82574L / 2x 82571EB Gigabit Ethernet Controller (rev 06)
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data