SRX

 View Only
last person joined: 12 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Web-Management Ciphers

    Posted 02-01-2021 23:12
    Hi,

    Is there a way to change the ciphers that are in use with web-management?
    I have found that I can change the ciphers for SSH, but I haven't yet found anything for SSL/TLS.

    Any suggestions?


  • 2.  RE: Web-Management Ciphers

    Posted 02-02-2021 19:34
    I don't use web management so I'm not sure this applies there too, but you can adjust the termination ciphers when using SRX web features under
    services > ssl > termination

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/custom-ciphers-edit-services-ssl-proxy-profile.html

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: Web-Management Ciphers

    Posted 02-03-2021 15:22
    Thanks,

    I checked with JTAC, and there's no permanent fix to this, except for disabling JWeb completely.
    I'm fine with that, as I learned on the CLI. However, there's some other admins who would prefer to see the FW rules in a GUI form. It's not a big vulnerability, I think I might leave it as it is.