This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable Weak SSL Security

we are running Firmware version 9.709-3 with pattern version 207145

we had a level 2 pen test audit and it showed that we are running with some weak  security TLSv1.0 and TLSv1.1 

How do I go about disabling these TLS protocols, we already only accept TLSv1.2 for emails from within the SMPT > Advance >TLS settings

Thanks



This thread was automatically locked due to age.
Parents
  • Well, 9.710 was just released and it got rid of the SSLVPN client, requiring the Sophos Connect client.  I wonder if they cleaned up TLS versions there as well.

    Might be something to ask support to see if they can tell you.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply
  • Well, 9.710 was just released and it got rid of the SSLVPN client, requiring the Sophos Connect client.  I wonder if they cleaned up TLS versions there as well.

    Might be something to ask support to see if they can tell you.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Children
No Data