Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
G_W_Albrecht
Legend Legend
Legend
Jump to solution

RA VPN Security Scan finds vulnerabilities

SMB 14xx with VPN Remote Access enabled had a Security Scan performed that found the following vulnerabilities:

"'Vulnerable' cipher suites accepted by this service via the TLSv1.2 protocol:

TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)"

"'Weak' cipher suites accepted by this service via the TLSv1.2 protocol:

TLS_RSA_WITH_RC4_128_MD5

TLS_RSA_WITH_RC4_128_SHA"

According to sk162794, ciphers and MACs can not be restricted on SMBs, but sk104095 helped a lot !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend

sk104095 tells about Advanced settings:

RC43DES.png

So if we set both RC4 and 3DES to false, Security Scan is much happier:

scan2.png

Much better now 😎

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

0 Kudos
1 Reply
G_W_Albrecht
Legend Legend
Legend

sk104095 tells about Advanced settings:

RC43DES.png

So if we set both RC4 and 3DES to false, Security Scan is much happier:

scan2.png

Much better now 😎

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events