Fortinet white logo
Fortinet white logo

Administration Guide

FortiProxy encryption algorithm cipher suites

FortiProxy encryption algorithm cipher suites

FortiProxies use SSL/TLS encryption for HTTPS and SSH administrative access. When establishing an SSL/TLS or SSH connection, you can control the encryption level and the ciphers that are used in order to control the security level.

HTTPS access

HTTP administrative access encryption is controlled using the following commands:

config system global
    set strong-crypto {enable | disable}
    set admin-https-ssl-versions {tlsv1-1 tlsv1-2 tlsv1-3}
    set admin-https-ssl-ciphersuites {<cipher_1> ... <cipher_n>}
    set admin-https-ssl-banned-ciphers {<cipher_1> ... <cipher_n>}
end
  • When strong encryption is enabled, only TLS 1.2 and TLS 1.3 are allowed. If strong encryption is then disabled, TLS 1.1 has to be manually enabled.

  • Setting admin-https-ssl-ciphersuites controls which cipher suites are offered in TLS 1.3. TLS 1.2 and lower are not affected by this command. To disable all TLS 1.3 cipher suites, remove TLS1-3 from admin-https-ssl-versions.

  • Setting admin-https-ssl-banned-ciphers controls which cipher technologies will not be offered for TLS 1.2 and lower.

The following table lists cipher suites supported by each TLS version:

TLS version

Supported cipher suites

TLS 1.11

ECDHE-RSA-AES256-SHA1

AES256-SHA1

ECDHE-RSA-AES128-SHA1

AES128-SHA1

TLS 1.2

ECDHE-RSA-AES256-GCM-SHA384

AES256-GCM-SHA3841

ECDHE-RSA-AES128-GCM-SHA256

AES128-GCM-SHA2561

ECDHE-RSA-CHACHA20-POLY1305

AES256-SHA256

ECDHE-RSA-AES256-SHA384

AES128-SHA256

ECDHE-RSA-AES128-SHA256

AES256-SHA1

ECDHE-RSA-AES256-SHA1

AES128-SHA1

ECDHE-RSA-AES128-SHA1

TLS 1.3

TLS-AES-128-GCM-SHA256

TLS-AES-128-CCM-8-SHA256

TLS-AES-256-GCM-SHA384

TLS-CHACHA20-POLY1305-SHA256

TLS-AES-128-CCM-SHA256

1 Disabled if strong encryption (strong-crypto) is enabled. You must manually enable TLS 1.1 in this case.

SSH access

SSH access encryption is controlled using the following command:

config system ssh-config
    set admin-ssh-v1 {enable | disable}
    set strong-crypto {enable | disable}
    set ssh-enc-algo <algo_1> [<algo_2> ... <algo_n>]
    set ssh-kex-algo <algo_1> [<algo_2> ... <algo_n>]
    set ssh-mac-algo <algo_1> [<algo_2> ... <algo_n>]
end

The algorithms available when configuring set ssh-enc-algo are affected by set strong-crypto as follows:

Strong encryption setting

Supported ciphers

Enabled

aes256-gcm@openssh.com

aes256-ctr

Disabled

chacha20-poly1305@openssh.com aes128-ctr
aes192-ctr aes256-ctr
arcfour256 arcfour128
aes128-cbc 3des-cbc

blowfish-cbc

cast128-cbc

aes192-cbc

aes256-cbc

arcfour

rijndael-cbc@lysator.liu.se

aes128-gcm@openssh.com

aes256-gcm@openssh.com

The following options are available for the ssh-kex-algo algorithm based on the strong encryption setting:

Strong encryption setting

Supported ciphers

Enabled

diffie-hellman-group-exchange-sha256

curve25519-sha256@libssh.org

ecdh-sha2-nistp256

ecdh-sha2-nistp384

ecdh-sha2-nistp521

Disabled

diffie-hellman-group14-sha1

diffie-hellman-group-exchange-sha1

diffie-hellman-group-exchange-sha256

curve25519-sha256@libssh.org

ecdh-sha2-nistp256

ecdh-sha2-nistp384

ecdh-sha2-nistp521

The following options are available for the ssh-mac-algo algorithm based on the strong encryption setting:

Strong encryption setting

Supported ciphers

Enabled

hmac-sha2-256

hmac-sha2-256-etm@openssh.com

hmac-sha2-512

hmac-sha2-512-etm@openssh.com

Disabled

hmac-md5

hmac-md5-etm@openssh.com

hmac-md5-96

hmac-md5-96-etm@openssh.com

hmac-sha1

hmac-sha1-etm@openssh.com

hmac-sha2-256

hmac-sha2-256-etm@openssh.com

hmac-sha2-512

hmac-sha2-512-etm@openssh.com

hmac-ripemd160

hmac-ripemd160@openssh.com

hmac-ripemd160-etm@openssh.com

umac-64@openssh.com

umac-128@openssh.com

umac-64-etm@openssh.com

umac-128-etm@openssh.com

Additional features

Security hardening for other FortiProxy features can also be achieved by managing the encryption level or ciphers. See SSL algorithm security level for more information about different levels of security.

Note

An asterisk (*) represents the default values for each feature.

Some of these features are described next.

WAN optimization

For WAN optimization tunnel connections, the encryption algorithm is controlled using the following commands:

config wanopt settings
    set tunnel-ssl-algorithm {high* | medium | low}
end

Explicit FTP proxy

For explicit FTP proxy, the encryption algorithm is controlled using the following commands:

config ftp-proxy explicit
    set ssl-algorithm { high* | medium | low}
end

Explicit web proxy

For explicit web proxy, the encryption algorithm is controlled using the following commands:

config web-proxy explicit
  edit 1
    set ssl-algorithm {high | medium | low*}
end

SSL Server

For SSL server, the TLS versions and the encryption algorithm are controlled using the following commands:

config firewall ssl-server
    edit <name>
        set ssl-mode {half | full}
	 set ssl-algorithm {high* |medium | low}
        set ssl-max-version {tls-1.0* |tls-1.1 | tls-1.2 | tls-1.3}
        set ssl-min-version {tls-1.0 |tls-1.1 | tls-1.2 | tls-1.3*}
    next
end

VIP

For VIP, the TLS versions and the encryption algorithm are controlled using the following commands:

config firewall vip
        set ssl-max-version {ssl-3.0 | tls-1.0 | tls-1.1 | tls1-2 | tls-1.3*}
        set ssl-min-version {ssl-3.0 | tls-1.0 | tls-1.1* | tls1-2 | tls-1.3 | client}
        set ssl-algorithm {high* | medium | low | custom}
        config ssl-cipher-suites
            edit <priority>
                set cipher {TLS-AES-128-GCM-SHA256 | TLS-AES-256-GCM-SHA384|...}
                set versions {option1}, {option2}, ...
            next
        end
        set ssl-server-max-version {ssl-3.0 | tls-1.0 | tls-1.1 | tls1-2 | tls-1.3 | client*}        
        set ssl-server-min-version {ssl-3.0 | tls-1.0 | tls-1.1 | tls1-2 | tls-1.3 | client*}

        set ssl-server-algorithm {high | medium | low | custom | client* }
        config ssl-server-cipher-suites
            edit <priority>
                set cipher {TLS-AES-128-GCM-SHA256 | TLS-AES-256-GCM-SHA384|...}
                set versions {option1}, {option2}, ...
            next
        end
    next
end
Note

The command config ssl-cipher-suites is available only under certain conditions:

  • When set type is set to either server-load-balance or access-proxy

  • When set ssl-algorithm is set to custom

Similarly, the command config ssl-server-cipher-suites is available only under certain conditions:

  • When set type is set to server-load-balance

  • When set ssl-mode is set to full

  • When set ssl-algorithm is set to custom

SSL algorithm security level

Option

Description

high

High encryption. Allow only AES and ChaCha.

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

*custom

Custom encryption. Use ssl-server-cipher-suites to select the cipher suites that are allowed.

*client

Use the same encryption algorithms for both client and server sessions.

Note

The SSL algorithm security levels marked with an asterisk (*) are not supported across different FortiProxy features.

Other Products

The security level of communication to and from FortiProxy can be managed by controlling the encryption level and ciphers used. See Encryption algorithm security level for more information about different levels of security.

Note

An asterisk (*) represents the default value for each product.

Some products that commonly interact with the FortiProxy device are listed next.

syslog server

For syslog server, the TLS versions and the encryption algorithm are controlled using the following commands:

config log syslogd setting
    set enc-algorithm {high-medium | high | low | disable*}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end
config log syslogd override-setting
    set enc-algorithm {high-medium | high | low | disable*}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end
Note

The command ssl-min-proto-version set to default means that the system global setting will be followed.

FortiCloud

For logging to FortiCloud, the TLS versions and the encryption algorithm are controlled using the following commands:

config log fortiguard setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end

FortiAnalyzer Cloud

For FortiAnalyzer Cloud, the TLS versions and the encryption algorithm are controlled using the following commands:

config log fortianalyzer-cloud setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2 | TLSv1-3}
end

FortiAnalyzer

For FortiAnalyzer, the TLS versions and the encryption algorithm are controlled using the following commands:

config log fortianalyzer setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2 | TLSv1-3}
end
config log fortianalyzer override-setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2 | TLSv1-3}
end

FortiSandbox

For FortiSandbox, the TLS versions and the encryption algorithm are controlled using the following commands:

config system fortisandbox
    set enc-algorithm {default* | high | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end

FortiManager

For central management, the TLS versions and the encryption algorithm are controlled using the following commands:

config system central-management
    set enc-algorithm {default | high* | low}
end

Encryption algorithm security level

Option

Description

*high-medium/ default

SSL communication with high and medium encryption algorithms.

high

SSL communication with high encryption algorithm

low

SSL communication with low encryption algorithms.

*disable

Disable SSL communication.
Note

Encryption algorithm security levels marked with an asterisk (*) are not supported across different products.

FortiProxy encryption algorithm cipher suites

FortiProxy encryption algorithm cipher suites

FortiProxies use SSL/TLS encryption for HTTPS and SSH administrative access. When establishing an SSL/TLS or SSH connection, you can control the encryption level and the ciphers that are used in order to control the security level.

HTTPS access

HTTP administrative access encryption is controlled using the following commands:

config system global
    set strong-crypto {enable | disable}
    set admin-https-ssl-versions {tlsv1-1 tlsv1-2 tlsv1-3}
    set admin-https-ssl-ciphersuites {<cipher_1> ... <cipher_n>}
    set admin-https-ssl-banned-ciphers {<cipher_1> ... <cipher_n>}
end
  • When strong encryption is enabled, only TLS 1.2 and TLS 1.3 are allowed. If strong encryption is then disabled, TLS 1.1 has to be manually enabled.

  • Setting admin-https-ssl-ciphersuites controls which cipher suites are offered in TLS 1.3. TLS 1.2 and lower are not affected by this command. To disable all TLS 1.3 cipher suites, remove TLS1-3 from admin-https-ssl-versions.

  • Setting admin-https-ssl-banned-ciphers controls which cipher technologies will not be offered for TLS 1.2 and lower.

The following table lists cipher suites supported by each TLS version:

TLS version

Supported cipher suites

TLS 1.11

ECDHE-RSA-AES256-SHA1

AES256-SHA1

ECDHE-RSA-AES128-SHA1

AES128-SHA1

TLS 1.2

ECDHE-RSA-AES256-GCM-SHA384

AES256-GCM-SHA3841

ECDHE-RSA-AES128-GCM-SHA256

AES128-GCM-SHA2561

ECDHE-RSA-CHACHA20-POLY1305

AES256-SHA256

ECDHE-RSA-AES256-SHA384

AES128-SHA256

ECDHE-RSA-AES128-SHA256

AES256-SHA1

ECDHE-RSA-AES256-SHA1

AES128-SHA1

ECDHE-RSA-AES128-SHA1

TLS 1.3

TLS-AES-128-GCM-SHA256

TLS-AES-128-CCM-8-SHA256

TLS-AES-256-GCM-SHA384

TLS-CHACHA20-POLY1305-SHA256

TLS-AES-128-CCM-SHA256

1 Disabled if strong encryption (strong-crypto) is enabled. You must manually enable TLS 1.1 in this case.

SSH access

SSH access encryption is controlled using the following command:

config system ssh-config
    set admin-ssh-v1 {enable | disable}
    set strong-crypto {enable | disable}
    set ssh-enc-algo <algo_1> [<algo_2> ... <algo_n>]
    set ssh-kex-algo <algo_1> [<algo_2> ... <algo_n>]
    set ssh-mac-algo <algo_1> [<algo_2> ... <algo_n>]
end

The algorithms available when configuring set ssh-enc-algo are affected by set strong-crypto as follows:

Strong encryption setting

Supported ciphers

Enabled

aes256-gcm@openssh.com

aes256-ctr

Disabled

chacha20-poly1305@openssh.com aes128-ctr
aes192-ctr aes256-ctr
arcfour256 arcfour128
aes128-cbc 3des-cbc

blowfish-cbc

cast128-cbc

aes192-cbc

aes256-cbc

arcfour

rijndael-cbc@lysator.liu.se

aes128-gcm@openssh.com

aes256-gcm@openssh.com

The following options are available for the ssh-kex-algo algorithm based on the strong encryption setting:

Strong encryption setting

Supported ciphers

Enabled

diffie-hellman-group-exchange-sha256

curve25519-sha256@libssh.org

ecdh-sha2-nistp256

ecdh-sha2-nistp384

ecdh-sha2-nistp521

Disabled

diffie-hellman-group14-sha1

diffie-hellman-group-exchange-sha1

diffie-hellman-group-exchange-sha256

curve25519-sha256@libssh.org

ecdh-sha2-nistp256

ecdh-sha2-nistp384

ecdh-sha2-nistp521

The following options are available for the ssh-mac-algo algorithm based on the strong encryption setting:

Strong encryption setting

Supported ciphers

Enabled

hmac-sha2-256

hmac-sha2-256-etm@openssh.com

hmac-sha2-512

hmac-sha2-512-etm@openssh.com

Disabled

hmac-md5

hmac-md5-etm@openssh.com

hmac-md5-96

hmac-md5-96-etm@openssh.com

hmac-sha1

hmac-sha1-etm@openssh.com

hmac-sha2-256

hmac-sha2-256-etm@openssh.com

hmac-sha2-512

hmac-sha2-512-etm@openssh.com

hmac-ripemd160

hmac-ripemd160@openssh.com

hmac-ripemd160-etm@openssh.com

umac-64@openssh.com

umac-128@openssh.com

umac-64-etm@openssh.com

umac-128-etm@openssh.com

Additional features

Security hardening for other FortiProxy features can also be achieved by managing the encryption level or ciphers. See SSL algorithm security level for more information about different levels of security.

Note

An asterisk (*) represents the default values for each feature.

Some of these features are described next.

WAN optimization

For WAN optimization tunnel connections, the encryption algorithm is controlled using the following commands:

config wanopt settings
    set tunnel-ssl-algorithm {high* | medium | low}
end

Explicit FTP proxy

For explicit FTP proxy, the encryption algorithm is controlled using the following commands:

config ftp-proxy explicit
    set ssl-algorithm { high* | medium | low}
end

Explicit web proxy

For explicit web proxy, the encryption algorithm is controlled using the following commands:

config web-proxy explicit
  edit 1
    set ssl-algorithm {high | medium | low*}
end

SSL Server

For SSL server, the TLS versions and the encryption algorithm are controlled using the following commands:

config firewall ssl-server
    edit <name>
        set ssl-mode {half | full}
	 set ssl-algorithm {high* |medium | low}
        set ssl-max-version {tls-1.0* |tls-1.1 | tls-1.2 | tls-1.3}
        set ssl-min-version {tls-1.0 |tls-1.1 | tls-1.2 | tls-1.3*}
    next
end

VIP

For VIP, the TLS versions and the encryption algorithm are controlled using the following commands:

config firewall vip
        set ssl-max-version {ssl-3.0 | tls-1.0 | tls-1.1 | tls1-2 | tls-1.3*}
        set ssl-min-version {ssl-3.0 | tls-1.0 | tls-1.1* | tls1-2 | tls-1.3 | client}
        set ssl-algorithm {high* | medium | low | custom}
        config ssl-cipher-suites
            edit <priority>
                set cipher {TLS-AES-128-GCM-SHA256 | TLS-AES-256-GCM-SHA384|...}
                set versions {option1}, {option2}, ...
            next
        end
        set ssl-server-max-version {ssl-3.0 | tls-1.0 | tls-1.1 | tls1-2 | tls-1.3 | client*}        
        set ssl-server-min-version {ssl-3.0 | tls-1.0 | tls-1.1 | tls1-2 | tls-1.3 | client*}

        set ssl-server-algorithm {high | medium | low | custom | client* }
        config ssl-server-cipher-suites
            edit <priority>
                set cipher {TLS-AES-128-GCM-SHA256 | TLS-AES-256-GCM-SHA384|...}
                set versions {option1}, {option2}, ...
            next
        end
    next
end
Note

The command config ssl-cipher-suites is available only under certain conditions:

  • When set type is set to either server-load-balance or access-proxy

  • When set ssl-algorithm is set to custom

Similarly, the command config ssl-server-cipher-suites is available only under certain conditions:

  • When set type is set to server-load-balance

  • When set ssl-mode is set to full

  • When set ssl-algorithm is set to custom

SSL algorithm security level

Option

Description

high

High encryption. Allow only AES and ChaCha.

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

*custom

Custom encryption. Use ssl-server-cipher-suites to select the cipher suites that are allowed.

*client

Use the same encryption algorithms for both client and server sessions.

Note

The SSL algorithm security levels marked with an asterisk (*) are not supported across different FortiProxy features.

Other Products

The security level of communication to and from FortiProxy can be managed by controlling the encryption level and ciphers used. See Encryption algorithm security level for more information about different levels of security.

Note

An asterisk (*) represents the default value for each product.

Some products that commonly interact with the FortiProxy device are listed next.

syslog server

For syslog server, the TLS versions and the encryption algorithm are controlled using the following commands:

config log syslogd setting
    set enc-algorithm {high-medium | high | low | disable*}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end
config log syslogd override-setting
    set enc-algorithm {high-medium | high | low | disable*}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end
Note

The command ssl-min-proto-version set to default means that the system global setting will be followed.

FortiCloud

For logging to FortiCloud, the TLS versions and the encryption algorithm are controlled using the following commands:

config log fortiguard setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end

FortiAnalyzer Cloud

For FortiAnalyzer Cloud, the TLS versions and the encryption algorithm are controlled using the following commands:

config log fortianalyzer-cloud setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2 | TLSv1-3}
end

FortiAnalyzer

For FortiAnalyzer, the TLS versions and the encryption algorithm are controlled using the following commands:

config log fortianalyzer setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2 | TLSv1-3}
end
config log fortianalyzer override-setting
    set enc-algorithm {high-medium | high* | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2 | TLSv1-3}
end

FortiSandbox

For FortiSandbox, the TLS versions and the encryption algorithm are controlled using the following commands:

config system fortisandbox
    set enc-algorithm {default* | high | low}
    set ssl-min-proto-version {default* | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2}
end

FortiManager

For central management, the TLS versions and the encryption algorithm are controlled using the following commands:

config system central-management
    set enc-algorithm {default | high* | low}
end

Encryption algorithm security level

Option

Description

*high-medium/ default

SSL communication with high and medium encryption algorithms.

high

SSL communication with high encryption algorithm

low

SSL communication with low encryption algorithms.

*disable

Disable SSL communication.
Note

Encryption algorithm security levels marked with an asterisk (*) are not supported across different products.