cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
TG_Mai
Ivory

Disable CBC mode cipher and enable GCM cipher mode for https inspection

hello 

we have R80.10 with https inspection on, does anyone know how to disable the CBC mode cipher for TLS_ECDHE_RSA * in the https inspection?

There an SK show how to allow specific cipher suites only for VPN in R80.10

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

any help would be great, thank you.

TG

0 Kudos
1 Reply
Admin
Admin

Re: Disable CBC mode cipher and enable GCM cipher mode for https inspection

See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Note that if you're using HTTPS Inspection, it's a good idea to upgrade to R80.30 as it supports additional ciphers, has a better utility to configure what it supported/allowed, and improved SNI support.
0 Kudos