Hi all,
Our security team has asked us to disable RC4 cipher suites on our UAGs. Currently, the list shows TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 but I'm not sure what needs to be added to disable RC4.
Anyone have any experience with this?
Hi,
RC4 cipher suite is disabled in UAG by default, so you don't need to disable RC4 manually.
And there is no RC4 cipher suite in your list.
I think in your environment something else does SSL termination as CR4 is not allowed if not changed in the config.
- Alex