FortiGate encryption algorithm cipher suites
FortiGates use SSL/TLS encryption for HTTPS administrative access and SSL VPN remote access, and SSH encryption for SSH administrative access. When establishing an SSL/TLS or SSH connection, you can control the protocol versions and the ciphers that are used in order to set the security level.
HTTPS access
HTTPS administrative access encryption is controlled using the following commands:

```
config sys global
    set strong-crypto {enable | disable}
    set admin-https-ssl-versions {tlsv1-1 tlsv1-2 tlsv1-3}
end
```
When strong encryption is enabled, only TLS 1.2 and TLS 1.3 are allowed. If strong encryption is then disabled, TLS 1.1 has to be manually enabled.
Specific cipher suites are supported by each TLS version:

| TLS version | Supported cipher suites | |
|---|---|---|
| TLS 1.1¹ | ECDHE-RSA-AES256-SHA¹ | AES256-SHA¹ |
| | ECDHE-RSA-AES128-SHA¹ | AES128-SHA¹ |
| TLS 1.2 | ECDHE-RSA-AES256-GCM-SHA384 | AES256-GCM-SHA384¹ |
| | ECDHE-RSA-AES128-GCM-SHA256 | AES128-GCM-SHA256¹ |
| | ECDHE-RSA-CHACHA20-POLY1305 | AES256-SHA256 |
| | ECDHE-RSA-AES256-SHA384 | AES128-SHA256 |
| | ECDHE-RSA-AES128-SHA256 | AES256-SHA¹ |
| | ECDHE-RSA-AES256-SHA¹ | AES128-SHA¹ |
| | ECDHE-RSA-AES128-SHA¹ | |
| TLS 1.3 | TLS-AES256-GCM-SHA384 | TLS-AES128-GCM-SHA256 |
| | TLS-CHACHA20-POLY1305-SHA256 | |

¹ Disabled if strong encryption (strong-crypto) is enabled.
SSH access
SSH access encryption is controlled using the following command:

```
config sys global
    set strong-crypto {enable | disable}
end
```
Different ciphers are supported depending on whether strong or weak encryption is in effect:

| Encryption | Supported ciphers | |
|---|---|---|
| Strong | chacha20-poly1305@openssh.com | aes256-ctr |
| | aes128-ctr | aes128-gcm@openssh.com |
| | aes192-ctr | aes256-gcm@openssh.com |
| Weak | arcfour256 | cast128-cbc |
| | arcfour128 | aes192-cbc |
| | aes128-cbc | aes256-cbc |
| | 3des-cbc | arcfour |
| | blowfish-cbc | rijndael-cbc@lysator.liu.se |
SSL VPN
For SSL VPN connections, the TLS versions and cipher suites are controlled using the following commands:

```
config vpn ssl setting
    set algorithm {high | medium | low}
    set ssl-max-proto-ver {tls1-0 | tls1-1 | tls1-2 | tls1-3}
    set ssl-min-proto-ver {tls1-0 | tls1-1 | tls1-2 | tls1-3}
    set ciphersuite {TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256 TLS-AES-128-CCM-SHA256 TLS-AES-128-CCM-8-SHA256}
end
```

Cipher suites (ciphersuite) can only be selected when the SSL maximum version is TLS 1.3.

When the SSL VPN security level (algorithm) is set to high, only high-level ciphers are allowed. When it is set to medium, high- and medium-level ciphers are allowed. When it is set to low, ciphers of any level are allowed.

The strong encryption (strong-crypto) command has no effect on the SSL VPN encryption level or ciphers.
Specific cipher suites are supported by each TLS version:

| TLS version | Supported cipher suites | |
|---|---|---|
| TLS 1.0 | ECDHE-RSA-AES256-SHA | DHE-RSA-CAMELLIA128-SHA |
| | DHE-RSA-AES256-SHA | AES128-SHA |
| | DHE-RSA-CAMELLIA256-SHA | SEED-SHA¹ |
| | AES256-SHA | CAMELLIA128-SHA |
| | CAMELLIA256-SHA | ECDHE-RSA-DES-CBC3-SHA¹ |
| | ECDHE-RSA-AES128-SHA | EDH-RSA-DES-CBC3-SHA¹ |
| | DHE-RSA-AES128-SHA¹ | DES-CBC3-SHA¹ |
| | DHE-RSA-SEED-SHA | |
| TLS 1.1 | ECDHE-RSA-AES256-SHA | DHE-RSA-CAMELLIA128-SHA |
| | DHE-RSA-AES256-SHA | AES128-SHA |
| | DHE-RSA-CAMELLIA256-SHA | SEED-SHA¹ |
| | AES256-SHA | CAMELLIA128-SHA |
| | CAMELLIA256-SHA | ECDHE-RSA-DES-CBC3-SHA¹ |
| | ECDHE-RSA-AES128-SHA | EDH-RSA-DES-CBC3-SHA¹ |
| | DHE-RSA-AES128-SHA | DES-CBC3-SHA¹ |
| | DHE-RSA-SEED-SHA¹ | |
| TLS 1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ECDHE-RSA-AES128-SHA |
| | ECDHE-RSA-AES256-SHA384 | DHE-RSA-AES128-GCM-SHA256 |
| | ECDHE-RSA-AES256-SHA | DHE-RSA-AES128-CCM8 |
| | DHE-RSA-AES256-GCM-SHA384 | DHE-RSA-AES128-CCM |
| | ECDHE-RSA-CHACHA20-POLY1305 | AES128-CCM8 |
| | DHE-RSA-CHACHA20-POLY1305 | AES128-CCM |
| | DHE-RSA-AES256-CCM8 | DHE-RSA-AES128-SHA256 |
| | DHE-RSA-AES256-CCM | DHE-RSA-AES128-SHA |
| | DHE-RSA-AES256-SHA256 | ECDHE-RSA-CAMELLIA128-SHA256 |
| | DHE-RSA-AES256-SHA | DHE-RSA-CAMELLIA128-SHA256 |
| | ECDHE-RSA-CAMELLIA256-SHA384 | DHE-RSA-SEED-SHA¹ |
| | DHE-RSA-CAMELLIA256-SHA256 | DHE-RSA-CAMELLIA128-SHA |
| | DHE-RSA-CAMELLIA256-SHA | AES128-GCM-SHA256 |
| | AES256-GCM-SHA384 | AES128-SHA256 |
| | AES256-CCM8 | AES128-SHA |
| | AES256-CCM | CAMELLIA128-SHA256 |
| | AES256-SHA256 | SEED-SHA¹ |
| | AES256-SHA | CAMELLIA128-SHA |
| | CAMELLIA256-SHA256 | ARIA128-GCM-SHA256 |
| | CAMELLIA256-SHA | DHE-RSA-ARIA128-GCM-SHA256 |
| | ARIA256-GCM-SHA384 | ECDHE-ARIA128-GCM-SHA256 |
| | DHE-RSA-ARIA256-GCM-SHA384 | ECDHE-RSA-AES256-GCM-SHA384 |
| | ECDHE-ARIA256-GCM-SHA384 | ECDHE-RSA-DES-CBC3-SHA¹ |
| | ECDHE-RSA-AES128-GCM-SHA256 | EDH-RSA-DES-CBC3-SHA¹ |
| | ECDHE-RSA-AES128-SHA256 | DES-CBC3-SHA¹ |
| TLS 1.3 | TLS_AES_256_GCM_SHA384 | TLS_AES_128_CCM_SHA256 |
| | TLS_CHACHA20_POLY1305_SHA256 | TLS_AES_128_CCM_8_SHA256 |
| | TLS_AES_128_GCM_SHA256 | |

¹ This cipher is not available when the SSL VPN security level (algorithm) is set to high.