Fortinet black logo

Handbook

Protection from TLS protocol downgrade attacks

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:140351
Download PDF

The ssl-client-fallback option, when enabled (the default configuration), performs downgrade attack prevention (RFC 7507).

Command syntax is:

config firewall vip

edit server-name

set type server-load-balance

set server-type https

set ssl-client-fallback {disable | enable}

The ssl-client-fallback option, when enabled (the default configuration), performs downgrade attack prevention (RFC 7507).

Command syntax is:

config firewall vip

edit server-name

set type server-load-balance

set server-type https

set ssl-client-fallback {disable | enable}