james_hicks_1llyvfrbnsmqe's profile

2 Messages

 • 

90 Points

Mon, Nov 12, 2018 12:16 PM

Is it possible to disable TLS 1.0 on the Zonedirector ZD1200 firmware version 10.1?

Is it possible to disable TLS 1.0 on the Zonedirector ZD1200 firmware version 10.1?

Responses

Employee

 • 

94 Messages

 • 

2.1K Points

3 y ago

Hi James,

TLSv1.0 is disabled in 10.1.1.0.55.
<From Release notes Text>
TLSv1.0 has been disabled in this release due to security concerns, and ZoneDirector now supports only TLSv1.1 and v1.2.

Regards,
-Ankush

4 Messages

 • 

90 Points

2 y ago

Our ZoneDirector 1200 on 10.3.0.0 build 398 but my nessus scan reports that it has the SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)

Official Rep

 • 

248 Messages

 • 

4.2K Points

2 y ago

Hi,

To understand the TLS version currently used, SSH into the AP and check the TLS version with the command "get tls-version". If the output is as below then the TLS version 1.0 is been used.

rkscli: get tls-version
Minimum TLS Version: tlsv1
OK

To disable tls 1.0 on the AP, set the tls to 1.1 or 1.2 with the below command.
rkscli:set tls-version tlsv1.2

To disable the tls version 1.0 on the Zone director, use the below command.

ruckus> en
ruckus# debug
You have all rights in this mode.
ruckus(debug)# no support-tls 1.0
Are you sure you want to change whether support TLSv1.0, If yes, it will reboot ZoneDirector.[Y/n]

Note: ZD will reboot.

Regards,
Sanjay Kumar

Important Announcement