"Can you see if our we can update the firmware in our Ruckus equipment? We have TLS1.0 and need 1.3. They are popping up in vulnerability scans that the lower TLS level is a weak spot in the system and need updating."
They have 2 R320 AP's (v. 22.214.171.124.212) and a 7150-C12 switch.
I'm unsure if updating the firmware will solve their issue. I wanted to reach out here before I blindly updated and see if anyone could provide an answer.
I would suggest to try the below and perform a scan again (the commands are disable weak tls cipher) :
SSH to the Unleashed Master and execute the below commands:
ruckus> enable ruckus# debug ruckus(debug)# show tls TLS= Support TLS 1.0 and TLS 1.1 ruckus(debug)# no support-tls 1.0-1.1 Are you sure you want to change whether support TLSv1.0 and TLSv1.1, If yes, it will reboot Master.[Y/n] Y
Once the AP reboots and comes back online, SSH to the Master AP and execute the same "show tls" command under the debug mode. It will show "Not support TLS 1.0 and TLS 1.1"
ruckus> ruckus> enable ruckus# ruckus# debug ruckus(debug)# ruckus(debug)# show tls TLS= Not support TLS 1.0 and TLS 1.1