Reset Search
 

 
Article

13315 - What are the Supported Cipher Suites on the Pulse Secure Virtual Traffic Manager (vTM)?

Printable View
« Go Back

Information

 
Last Modified Date11/27/2017 1:28 AM
Synopsis

What are the Supported Cipher Suites on the Pulse Secure Virtual Traffic Manager (vTM)?

This article lists and provides information on the supported Cipher Suites for Pulse Secure Virtual Traffic Manager (vTM) 20.1 in SSL decrypt and/or encrypt mode.
Problem or Goal
Not Applicable
Cause
Not Applicable
Solution
The SSL Configuration settings can be viewed from System > Global Settings > SSL Configuration .   

User-added image

The information below includes the 'Elliptic Curve' ciphers added starting in vTM version 20.1 and was taken from a vTM running 20.1. The cipher suites in Version 20.1 are referred to as 'ssl!cipher_suites' and it includes SSLv3 and TLS.
 
The default order is:
 
1TLS_AES_128_GCM_SHA256 (0x13, 0x01)
2TLS_AES_256_GCM_SHA384 (0x13, 0x02)
3SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xC0, 0x2B)
4SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xC0, 0x23)
5SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC0, 0x09)
6SSL_RSA_WITH_AES_128_GCM_SHA256 (0x00, 0x9C)
7SSL_RSA_WITH_AES_128_CBC_SHA256 (0x00, 0x3C)
8SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x00, 0x40)
9SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC0, 0x2F)
10SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x00, 0x9E)
11SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC0, 0x27)
12SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x00, 0x67)
13SSL_RSA_WITH_AES_128_CBC_SHA (0x00, 0x2F)
14SSL_DHE_DSS_WITH_AES_128_CBC_SHA (0x00, 0x32)
15SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC0, 0x13)
16SSL_DHE_RSA_WITH_AES_128_CBC_SHA (0x00, 0x33)
17SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC0, 0x2C)
18SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xC0, 0x0A)
19SSL_RSA_WITH_AES_256_GCM_SHA384 (0x00, 0x9D)
20SSL_RSA_WITH_AES_256_CBC_SHA256 (0x00, 0x3D)
21SSL_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x00, 0x6A)
22SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC0, 0x30)
23SSL_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x00, 0x9F)
24SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x00, 0x6B)
25SSL_RSA_WITH_AES_256_CBC_SHA (0x00, 0x35)
26SSL_DHE_DSS_WITH_AES_256_CBC_SHA (0x00, 0x38)
27SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC0, 0x14)
28SSL_DHE_RSA_WITH_AES_256_CBC_SHA (0x00, 0x39)
 
Note: The number in parentheses refers to the IANA registered value.

In addition, the following cipher suites are supported but disabled by default:
 
1SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xC0, 0x24)
2SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC0, 0x28)
3SSL_RSA_WITH_3DES_EDE_CBC_SHA (0x00, 0x0a)
4SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x00, 0x13)
5SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x00, 0x16)
6SSL_RSA_WITH_RC4_128_SHA (0x00, 0x05)
7SSL_RSA_WITH_RC4_128_MD5 (0x00, 0x04)
8SSL_RSA_WITH_DES_CBC_SHA (0x00, 0x09)
9SSL_DHE_DSS_WITH_DES_CBC_SHA (0x00, 0x12)
10SSL_DHE_RSA_WITH_DES_CBC_SHA (0x00, 0x15)
11SSL_RSA_WITH_NULL_SHA256 (0x00, 0x3B)
12SSL_RSA_WITH_NULL_SHA (0x00, 0x02)
13SSL_RSA_WITH_NULL_MD5 (0x00, 0x01)
Related Links
Attachment 1 
Created ByCode Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255