This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
johnnyringo
Advisor
‎2021-04-06 03:38 PM

Disabling Weak Ciphers (Specifically DES) for IPSEC on R80.30 and R80.40

A new R80.30 cluster has been flagged by Qualys as supporting "Weak IPSec Encryption Settings".  I assumed this was over SHA-1 or 1024-bit keys, but got a bit of a surprise when I viewed the report and saw that it was complaining of DES.  Like RC4 and MD5, DES has been obsolete for about 20 years and there's absolutely no reason to have it enabled or even supported for that matter.  

 

But, how do I disable it?  It's not clear to me if unchecking it in traditional mode is adequate, or I should be looking somewhere else.  

Security Gateway Appliances 

Security Gateway Appliances
Security Gateway Appliances
Security Platforms & Management
0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2021-04-06 07:30 PM

https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.SearchResultMainAction&eve...

0 Kudos
johnnyringo
Advisor
‎2021-04-06 09:19 PM
In response to PhoneBoy

Thanks.  The steps left me a bit confused because we're not configuring VPNs via Traditional Mode (which is the default) and this is a fresh policy created in R80.30.  Also, we don't use Remote Access VPN.  But I'll give that a shot and ask for a re-scan.

CheckPointR8040VPNConfigMethod.png

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events