On Tue, Jul 17, 2018 at 10:45 PM, Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> wrote: > > On Mon, 2018-07-16 at 16:09 -0500, Marc West wrote: > > Hi, > > > > Is there a way to have the latest Cisco AnyConnect 4.6 clients use > > ocserv with a stronger DTLS cipher than the default > > RSA_AES_128_SHA1? > > When the same version of AnyConnect connects to an ASA the DTLS > > cipher > > shows as DHE_RSA_AES256_SHA, which GnuTLS 3.5.18 on my ocserv box > > should > > also support. I have tried playing around with the > > cisco-client-compat/dtls-legacy/dtls-psk/match-tls-dtls-ciphers > > config > > options, but understand some of those are mutually exclusive. > > > > I plan to force TCP and TLS1.2 with GCM ciphers for most AnyConnect > > clients with ocserv which works fine, but would like to support the > > "best DTLS possible" (or at least match the ASA cipher) for a few > > cases where TCP file transfer throughput through AnyConnect is > > important (seeing about 3x throughput via DTLS). > > > > `occtl show user` with ocserv 0.12.1 and AnyConnect 4.6.01103: > > TLS ciphersuite: (TLS1.2)-(ECDHE-RSA-SECP521R1)-(AES-256-GCM) > > DTLS cipher: (DTLS0.9)-(RSA)-(AES-128-CBC)-(SHA1) > > You cannot with the current ocserv as it doesn't support anything but > aes-128 or 3des for compatibility with anyconnect. You could try a > patch like the one below if AES256-SHA is supported by anyconnect. If > that works for you, we'd only need a test case for it, to include it in > the server. Recent ASAs and AnyConnect *do* support AES-256-CBC. I get this when connecting to a couple different ASAs: (DTLS0.9)-(RSA)-(AES-256-CBC)-(SHA1)
