Thursday 8 August 2019

TIP: SSL auditing F5 LTM virtual servers

In a pinch, to find or prove that an F5 LTM is NOT negotiating SSL protocols, you can run the following commands from the TMSH.
If you build a list of SSL profiles, you can run the check through an SSH session against each profile to find which profile is negotiating SSL v2 or v3.

e.g.

 echo -e "show ltm profile client-ssl | grep ClientSSL" | ssh username@ltm_address | awk '{ print $3 }' > listofprofiles.txt


show ltm profile client-ssl <profilename> | grep Proto



for p in $(cat listofprofiles.txt); do echo -e "checking profile $p\n"; echo -e "\n"; echo -e "show ltm profile client-ssl $p | grep Proto" | ssh username@ltm_address; done




This approach is a quick, sure way to find the client-ssl profiles of SSL-enabled virtual servers that are using SSL protocols.
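
To avoid reading the loop output by eye, it can be piped through a small filter that reports only the profiles with non-zero SSL v2 or v3 counters. This is an added example, not part of the original post; the function names, the sample profile names and the exact layout of the counter lines ("SSL Protocol Version 3   <count>") are assumptions, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: flag client-ssl profiles with non-zero SSLv2/SSLv3 counters.
# Input: the combined output of the audit loop, i.e. a "checking profile NAME"
# line followed by that profile's "grep Proto" lines.
# ASSUMPTION: counter lines end in "... Version <2|3> <count>", and large
# counts may be abbreviated (e.g. 1.2K), so anything but a plain 0 is flagged.

flag_legacy_ssl() {
    awk '
        /^checking profile / { profile = $3; next }
        /SSL Protocol Version/ && $(NF-1) ~ /^[23]$/ {
            if ($NF ~ /^[0-9]/ && $NF != "0")
                printf "%s SSLv%s %s\n", profile, $(NF-1), $NF
        }
    ' "$@"
}

# Constructed sample of what the loop might print for two profiles.
sample_audit_output() {
    cat <<'EOF'
checking profile clientssl

Protocol
  SSL Protocol Version 2                  0
  SSL Protocol Version 3                  0
  TLS Protocol Version 1.0                4
  TLS Protocol Version 1.2              812
checking profile legacy_app_ssl

Protocol
  SSL Protocol Version 2                  0
  SSL Protocol Version 3                 37
  TLS Protocol Version 1.0             1.2K
  TLS Protocol Version 1.2                0
EOF
}

# Demo run on the constructed sample; in practice pipe the loop output in.
sample_audit_output | flag_legacy_ssl
```

The show command reports statistics, so a zero here means no such handshake has been counted since the statistics were last reset, not that the protocol is disabled in the profile.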
