Protection from TLS protocol downgrade attacks
The ssl-client-fallback
option, when enabled (the default configuration), performs downgrade attack prevention (RFC 7507).
Command syntax is:
config firewall vip
edit server-name
set type server-load-balance
set server-type https
set ssl-client-fallback {disable | enable}