Does ZyWall USG 20W support AES and 3DES and why is it absent on my router

OGCJN Posts: 2
First Comment
edited February 2023 in Security
  - I can only choose DES encryption in VPN Gateway/Connection settings.
  - Router(config)# show ip http server secure cipher-list only shows RC4 and DES ciphers
  - When trying to enable cipher suite using CLI I get:

Router(config)# ip http secure-server cipher-suite aes 3des des rc4
% Ignore AES or 3DES

and I am still left with DES and RC4.

I've tried all available Firmware and result is the same. How can I enable AES and 3DES?

One more symptom is that one can not log in via web interface from any modern browser: ERR_SSL_VERSION_OR_CIPHER_MISMATCH. The only way I could bypass that was using old version of FireFox (v43). I also tried the latest TLS1.2 firmware, 330BDR9ITS-WK48-r74988 but this did not solve the problem. The only cipher-suites that are available are DES and RC4. 

Accepted Solution

    OGCJN Posts: 2
    First Comment
    Answer ✓
    Hi, thanks for the link but I have looked into it before.
    These commands will disable DES and RC4. However I only have DES and RC4 in my cipher-suite!
    If I disable DES and RC4 then nothing will work at all.

    I found the solution though: 

    Router(config)# crypto algorithm-hide disable

    enables AES and 3DES.

All Replies

Security Highlight