AnsweredAssumed Answered

SSL Renegotiation on ASA

Question asked by Pavel Jiracek on Sep 8, 2017
Latest reply on Sep 14, 2017 by Ivan Ristić

Hi there,

I've recently used the Qualys SSL Reports to check certificates on our 2 ASAs configured with SSL VPNs. They are the same HW platform Cisco 5525 and run the same SW 9.4(2)11. The SSL settings are the same as far as I can see. Now one of them comes up with "Secure Renegotiation not supported" and "The server does not support Forward Secrecy with the reference browsers" and the other one passes these tests OK.

Both devices have Group Policy/advanced/AnyConnect Client/Key regeneration/renegotiation Method = none

Can anybody point me in the right direction where I could fond out what goes on here.

Thanks

Outcomes