cancel
Showing results for 
Search instead for 
Did you mean: 

Client sent me this request about TLS and I'm not sure how to respond.

adam_boggs
New Contributor

"Can you see if our we can update the firmware in our Ruckus equipment?  We have TLS1.0 and need 1.3.  They are popping up in vulnerability scans that the lower TLS level is a weak spot in the system and need updating."

They have 2 R320 AP's (v. 200.9.10.4.212) and a 7150-C12 switch.

I'm unsure if updating the firmware will solve their issue.  I wanted to reach out here before I blindly updated and see if anyone could provide an answer.

Thank you,

-Adam

1 REPLY 1

vineet_nejawala
Moderator
Moderator

Hi Adam,

I would suggest to try the below and perform a scan again (the commands are disable weak tls cipher) :

SSH to the Unleashed Master and execute the below commands:


ruckus> enable
ruckus# debug
ruckus(debug)# show tls
TLS= Support TLS 1.0 and TLS 1.1
ruckus(debug)# no support-tls 1.0-1.1
Are you sure you want to change whether support TLSv1.0 and TLSv1.1, If yes, it will reboot Master.[Y/n]
Y

Once the AP reboots and comes back online, SSH to the Master AP and execute the same "show tls" command under the debug mode. It will show "Not support TLS 1.0 and TLS 1.1"

ruckus>
ruckus> enable
ruckus#
ruckus# debug
ruckus(debug)#
ruckus(debug)# show tls
TLS= Not support TLS 1.0 and TLS 1.1

Best Regards

Vineet