Created on 03-14-2011 06:07 AM Edited on 02-05-2024 09:54 AM By Stephen_G
Description
This article explains how to strengthen SSL ciphers when using FortiOS.
Scope
FortiOS v4.0 and above.
FortiOS v4.0 MR3 and above for SSL offload and Wan Optimization.
Solution
To strengthen HTTPS access to the FortiGate connect to the CLI and run the following commands:
To strengthen SSL VPN ciphers run the following commands on the CLI:
config system global
set strong-crypto enable
end
Use FortiOS v4.0 MR3 and above to run these commands for SSL offload and Wan Optimization.
config vpn ssl settings
set sslv2 disable
set sslv3 enable
set algorithm high
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.