HPE Community
LAN Routing
1753835 Members
7149 Online
108806 Solutions
New Discussion

Re: Disable SSL 3.0 HPE FF 5700 Switches

 
SOLVED
Go to solution
Kevin_cambs_uk
Visitor

‎05-22-2019 01:56 AM

‎05-22-2019 01:56 AM

Disable SSL 3.0 HPE FF 5700 Switches

Hi all

We have some new HPE Flex Fabric 5700 switches, HPE FF 5700-40XG-2QSFP+ Switch

Very nice they are too, however they ship with SSL 3.0 enabled.

I have sent a day trying to figure out how to disbale SSL3.0 and force the web interface onto SSL 1.0 at the very least, but I am still struggling. I cannot see any option in the web gui, or via the telnet login.

If anyone from HPE could point me in the right direction that would be most welcome.

Kev

 

0 Kudos
4 REPLIES 4
parnassus
Honored Contributor

‎05-22-2019 05:44 PM

‎05-22-2019 05:44 PM

Re: Disable SSL 3.0 HPE FF 5700 Switches

Forcing SSL 1.0? are you really sure about what you wrote?

IMHO you probably want to disable SSL 3.0 in favour of TLS 1.0, 1.1 or 1.2.

IIRC isn't there a CLI command (available in system view mode) like the ssl version { ssl3.0 | tls1.0 | tls1.1 } disable ...clearly it depends on how recent is the running software (and, if available, it requires you disable/enable the https service with undo ip https enable followed by a ip https enable).

Any feedback on HPE FlexFabric 5700 guides?

Does HPE FlexFabric 5700 (JG896A) Release Notes document report something interesting about SSL 3.0 (it does, check!)?


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
Kevin_cambs_uk
Visitor

‎05-23-2019 01:23 AM

‎05-23-2019 01:23 AM

Re: Disable SSL 3.0 HPE FF 5700 Switches

Thanks for the reply,

All sorted...

I have worked out how to disble ssl3.0 so the default will be 1.0 at the very least

The commands were via telnet and if anyone here wants to know it was a simple case of

system-view

ssl version ssl3.0 disable

So now onto trying to work out how to disbale iP forwarding!

Thanks

Kev

 

 

 

0 Kudos
parnassus
Honored Contributor

‎05-23-2019 04:25 AM

‎05-23-2019 04:25 AM

Re: Disable SSL 3.0 HPE FF 5700 Switches

Hi, exactly as I wrote you above...


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
Kevin_cambs_uk
Visitor

‎05-23-2019 05:43 AM

‎05-23-2019 05:43 AM

Solution

Re: Disable SSL 3.0 HPE FF 5700 Switches

Yes, sorry, I didnt read youre  reply correctly!

but thanks again for replying, its appreciated!

 

Kev

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.