Configure SSL settings
This task enables you to configure SSL settings for remote access VPN sessions, allowing you to specify protocol versions, security levels, and available algorithms to ensure secure communication.
You must have administrator privileges and be in a leaf domain to perform this task.
Make sure that you are running a fully licensed version of the Cloud-Delivered Firewall Management Center. The SSL Settings are disabled if you are running Cloud-Delivered Firewall Management Center in evaluation mode. SSL Settings are also disabled if the licensed Cloud-Delivered Firewall Management Center version does not meet the export-compliance criteria. If you are using Remote Access VPN with SSL, your Smart Account must have the strong-crypto features enabled. For more information, see License types and restrictions.
Before you begin
Ensure you have administrator privileges and are in a leaf domain. Verify that you are running a fully licensed version of the management center with strong-crypto features enabled if using Remote Access VPN with SSL.
Procedure
Step 1 | Select and create or edit a Firewall Threat Defense policy. |
Step 2 | Select SSL. |
Step 3 | Add entries to the Add SSL Configuration table.
|
Step 4 | Select the Available Algorithms based on the protocol version that you select and click Add to include them for the selected protocol. For more information, see SSL settings field descriptions. The algorithms are listed based on the protocol version that you select. Each security protocol identifies a unique algorithm for setting up the security level. |
Step 5 | Click OK to save the changes. |
What to do next
Select and click Deploy to deploy the policy to the assigned devices.