-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
How can I enable RC4-only cipher suites?
12/20/2019 
34 People found this article helpful
500,178 Views
Description
In SonicOS 5.9.x and above firmware, an option to enable only RC4 ciphers has been introduced. Enabling this option would force SonicWall to negotiate SSL connections using RC4-SHA1 or RC4-MD5.
This article describes how to enable this option. The solution described here can be used to mitigate the BEAST and POODLE attacks. Both these attacks target SSLv3 server with CBC mode encryption. RC4 being stream based is not affected by these attacks.
Cause
Sometimes web browser is configured to use only strong cipher suits and it refuses to use RC4-Only encryption. Thus if RC4-Only encryption is
enabled in SonicOS, it could cause err_ssl_version_or_cipher_mismatch error which reported by the browser.
Resolution
- Login to the SonicWall management GUI.
- Change to the diag page at https://<interface IP address>/diag.html.
- Under Encryption Settings, enable check box Enable RC4-Only Cipher Suite Support.
- Click Accept at the top to save the change.
- Restart for the change to take effect.
After enabling this option, SonicWall features like Web Management, SSL-VPN and DPI-SSL will negotiate SSL connections with the following ciphers:
SSLv3 - RC4-MD5, RC4-SHA1
TLSv1 - RC4-MD5, RC4-SHA1
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
YES
NO