Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide, OL-16647-01
Chapter 40: Configuring SSL Settings
SSL
The security appliance uses the Secure Sockets Layer (SSL) protocol and its successor, Transport Layer
Security (TLS), to achieve secure message transmission for both ASDM and Clientless, browser-based
sessions. The SSL window lets you configure SSL versions for clients and servers, as well as encryption
algorithms. It also lets you apply previously configured trustpoints to specific interfaces and
configure a fallback trustpoint for interfaces that do not have an associated trustpoint.
Fields
Server SSL Version—Choose to specify the SSL/TLS protocol version the security appliance uses
to negotiate as a server. You can make only one selection.
Options for Server SSL versions include the following:
  Any: The security appliance accepts SSL version 2 client hellos, and negotiates either SSL version 3 or TLS version 1.
  Negotiate SSL V3: The security appliance accepts SSL version 2 client hellos, and negotiates to SSL version 3.
  Negotiate TLS V1: The security appliance accepts SSL version 2 client hellos, and negotiates to TLS version 1.
  SSL V3 Only: The security appliance accepts only SSL version 3 client hellos, and uses only SSL version 3.
  TLS V1 Only: The security appliance accepts only TLSv1 client hellos, and uses only TLS version 1.
Note: To use port forwarding for Clientless SSL VPN, you must select Any or Negotiate SSL V3. The issue is
that Java only negotiates SSLv3 in the client Hello packet when you launch the Port Forwarding
application.
Client SSL Version—Choose to specify the SSL/TLS protocol version the security appliance uses
to negotiate as a client. You can make only one selection.
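Added example (not from the Cisco guide): a Python model of the Server SSL Version options, useful for checking which captured client hellos a stricter setting would refuse. The negotiation rule (highest allowed version not above the client's offer) and the sample bytes are assumptions; the first sample stands in for the Java hello the Note describes, assumed here to be SSLv2-format with a maximum of SSL 3.0.

```python
# Model of the Server SSL Version options table (added example, not Cisco code).
SSL3, TLS1 = (3, 0), (3, 1)

# setting -> (accepts SSLv2-format hellos, versions the appliance may use, highest first)
POLICY = {
    "Any":              (True,  [TLS1, SSL3]),
    "Negotiate SSL V3": (True,  [SSL3]),
    "Negotiate TLS V1": (True,  [TLS1]),
    "SSL V3 Only":      (False, [SSL3]),
    "TLS V1 Only":      (False, [TLS1]),
}

def parse_client_hello(data: bytes):
    """Return (hello_format, offered_version) from the first bytes a client sends."""
    # SSLv2-format hello: 2-byte length with the high bit set, msg type 1, version.
    if len(data) >= 5 and data[0] & 0x80 and data[2] == 0x01:
        return "v2", (data[3], data[4])
    # SSLv3/TLS: 5-byte record header (type 0x16), 4-byte handshake header
    # (type 0x01), then client_version.
    if len(data) >= 11 and data[0] == 0x16 and data[5] == 0x01:
        return "v3", (data[9], data[10])
    raise ValueError("not a ClientHello")

def negotiate(setting: str, data: bytes):
    """Return the (major, minor) version the setting would select, or None if refused."""
    fmt, offered = parse_client_hello(data)
    accepts_v2, allowed = POLICY[setting]
    if fmt == "v2" and not accepts_v2:
        return None
    # Assumption: pick the highest allowed version not above the client's offer.
    return next((v for v in allowed if v <= offered), None)

def settings_that_work(data: bytes):
    """List the settings under which this hello would complete version negotiation."""
    return [s for s in POLICY if negotiate(s, data) is not None]

# Constructed samples (headers only; the parser reads no further than the version).
V2_HELLO_MAX_SSL3 = bytes([0x80, 0x2E, 0x01, 0x03, 0x00])
V3_HELLO_TLS1 = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B, 0x03, 0x01])

if __name__ == "__main__":
    for name, hello in [("v2-format, max SSL 3.0", V2_HELLO_MAX_SSL3),
                        ("v3-format, max TLS 1.0", V3_HELLO_TLS1)]:
        print(name, "->", settings_that_work(hello))
```

Under these assumptions the first sample completes only with Any or Negotiate SSL V3, which matches the two settings the Note requires for port forwarding.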