Security

Reply
Highlighted
Occasional Contributor II

Disabling TLS

Hi Guys, just want to ask if in CPPM 6.6.7, can disable TLS 1.0 and TLS 1.1 support? I can only see to disable TLS 1.0 but how about TLS 1.1.

Thanks


Accepted Solutions
Highlighted

Re: Disabling TLS

Cluster wide parameters 

 

 

Screen Shot 2018-02-20 at 2.20.21 AM.png

 

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.

View solution in original post


All Replies
Highlighted

Re: Disabling TLS

Cluster wide parameters 

 

 

Screen Shot 2018-02-20 at 2.20.21 AM.png

 

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.

View solution in original post

Highlighted

Re: Disabling TLS

This is a screen shot of 6.7.1 but release notes says it was introduced in 6.6.3

l A new cluster-wide parameter lets you enable or disable TLS v1.1. To use this feature, go to the Administration > Server Manager > Server Configuration > 

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Highlighted
Occasional Contributor II

Re: Disabling TLS

Hi tarnold, in my version 6.6.7 I only see Disable TLS 1.0. Do I need to upgrade?

Highlighted

Re: Disabling TLS

No, I just check a 6.6.7 and it is listed. Screen Shot 2018-02-20 at 2.50.04 AM.png

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Highlighted
Occasional Contributor II

Re: Disabling TLS

sorry, I saw it now. I overlooked it. thanks

Highlighted
Moderator

Re: Disabling TLS

It is not recommended to disable 1.1.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
New Contributor

Re: Disabling TLS

We are running 6.5.4.3 on a 7210 controller.  I can not find anywhere to allow or disallow TLS 1.0.  I want to disable TLS 1.0 and enable TLS 1.1 and up but I am not finding it anywhere in the GUI.  Should I be considering doing a firmware upgrade to get those commands?

Highlighted
Occasional Contributor II

Re: Disabling TLS

Even disabling TLS 1.0 in cluster wide parameters (ALL) can have wide impact in unmanaged mac environment (college student owned), as I have found out today. Older Macs and Windows 8 could not connect to 802.1x peap even with re-adding the network. It broke on 10.12.6 and didn't break on 10.14. Not sure about in between those versions. As soon as I rolled back the setting on clearpass, most clients reconnected automatically. Some clients needed to forget network and re-add after I reverted the clearpass setting.

Looks like I'll be updating the stated minimum requirements documentation for new student macs and hope to make the change in the summer.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: