How to disable certain cipher suite when enabling WAF policy with SSL decryption?

Dasani1995 Lv1Posted 28 Nov 2023 19:33

Hi, I'm looking for any documentation or guide on how to disable certain cipher suite or TLS 1.0/1.1 when enabling access to a web server with WAF policy and SSL decryption in place?

I've enable WAF policies and set the decryption, however upon checking with SSL checker, the checker detected that TLS 1.0 and 1.1 is still supported. This include variety of obsolete cipher suites enabled e.g TLS_RSA_WITH_NULL_MD5 (0x1).

And this is not NGAF webGui TLS checkbox setting, but rather access to a webserver with WAF policy and decryption turn on properly (all certificates are properly configured)

Any help on this is highly appreciated. Thank you in advance.

By solving this question, you may help 698 user(s).

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Newbie405830 Lv1Posted 11 Jan 2024 16:54
I have the same issue with SSL Decryption that's enable TLS 1.0 and TLS 1.1, anyone help please.
I already create support case but not any response
NandangGozali Lv1Posted 25 Jan 2024 11:44
This is a some bug on the Sangfor NGAF and Sangfor Engineer make some change on Back End when remote session. I think Sangfor Development Team need to build some UI feature to disable TLS and weak ciphers on SSL Decryption.

I Can Help:


Moderator on This Board


Started Topics




Started Topics



Board Leaders