Is it possible to disable TLS 1.0 on the Zonedirector ZD1200 firmware version 10.1?

Hi James,

TLSv1.0 is disabled in 10.1.1.0.55.
<From Release notes Text>
TLSv1.0 has been disabled in this release due to security concerns, and ZoneDirector now supports only TLSv1.1 and v1.2.

Regards,
-Ankush

Our ZoneDirector 1200 on 10.3.0.0 build 398 but my nessus scan reports that it has the SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)

Hi,

To understand the TLS version currently used, SSH into the AP and check the TLS version with the command "get tls-version". If the output is as below then the TLS version 1.0 is been used.

rkscli: get tls-version
Minimum TLS Version: tlsv1
OK

To disable tls 1.0 on the AP, set the tls to 1.1 or 1.2 with the below command.
rkscli:set tls-version tlsv1.2

To disable the tls version 1.0 on the Zone director, use the below command.

ruckus> en
ruckus# debug
You have all rights in this mode.
ruckus(debug)# no support-tls 1.0
Are you sure you want to change whether support TLSv1.0, If yes, it will reboot ZoneDirector.[Y/n]

Note: ZD will reboot.

Regards,
Sanjay Kumar