ran my zywall usg 100 3.0 aqq.4 router through »www.ssllabs.com/ssltest/index.html and came back with a grade of "C", primarily due to weak cipher strength and key exchange. If I could get rid of these it would be better:
TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x3) WEAK 40
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x8) WEAK 40
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x14) DH 512 bits (p: 64, g: 1, Ys: 64) FS WEAK 40
TLS_RSA_WITH_DES_CBC_SHA (0x9) WEAK 56
TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK 55
And of course I would be quite happy if we could use ECDHE in addition to DHE as Internet Explorer does not support DHE yet we need it for Perfect Forward Secrecy when using RDP in this SSL_VPN.
Has anyone else tested their SSL_VPN or made improvements?
You can make changes to the USG's cipher suite through command line.
To get the full list of the current cipher list go into configuration mode
Router> configure terminal
Router(config)# show ip http server secure cipher-list
To make changes to the cipher suite you can use
ip http secure-server strong-cipher
This essentially removes
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
Or you can use
ip http secure-server cipher-suite rc4
Use these are your own risk. The USG's aren't necessarily going to handle the extra processing required for higher level encryptions and depending on your browser settings if it doesn't support the cipher then you won't be able to access the USG's GUI over HTTPS after making these changes.
But at most this is what you can do to strengthen the ciphers on the USG from it's defaults.
Many many thanks. Using the ip http secure-server strong-cipher bumps the grade level up to an "A".
Evidently the usg 100 can not handle the rc4 cipher-suite. I can see some of the ciphers I would love to use for pfs with internet explorer -- are all of those part of the RC4 suite?
IE 7 / Vista and IE 8-10 / Win 7 use TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA which I assume matches ECDH-ECDSA-AES128-SHA from show ip http server secure cipher list . Then RDP would be covered in most of my situations. It would be lovely if I could get IE 11 / Win 8.1 which uses TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, but that will also require improved endpoint secure to reduce trojan/keylogger risk. The ECDHE for safari needs RC4 and thus is out of reach for the USG 100, but chrome, firefox, and opera are already covered.
show ip http server secure status also makes reference to anti beast attack. I assume this is in IDP. Again, many thanks.