DHE cipher suites are not available on Edge SWG (ProxySG)
search cancel

DHE cipher suites are not available on Edge SWG (ProxySG)

book

Article ID: 245778

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Edge SWG (ProxySG) does not offer DHE ciphers while contacting an upstream server.

In a packet capture, you can see DHE ciphers are offered by a client application but Edge SWG (ProxySG) does not offer the same DHE ciphers to the upstream server.

SGOS 6.7 provided the cipher suites upstream, but SGOS 7.x does not.

Environment

SGOS 7.x

Cause

DHE ciphers are disabled on 7.x by default.

Resolution

Execute the commands below from the command line interface to enable DHE ciphers.

SGOS#(config)ssl
SGOS#(config ssl)proxy dhe-ciphers enable
  ok
SGOS#(config ssl)exit
Powered by Wolken Software