On Fri, 2019-01-04 at 20:09 +0000, David Woodhouse wrote: > On Fri, 2019-01-04 at 20:07 +0000, David Woodhouse wrote: > > On Fri, 2019-01-04 at 19:50 +0100, Muenz, Michael wrote: > > > Am 04.01.2019 um 15:40 schrieb David Woodhouse: > > > > I think those are done, in my tncc branch. Last call for 8.0 > > > > then... > > > > > > > > Nobody's got the latest ASA supporting DTLS v1.2 that I can > > > > have > > > > an > > > > account on? Or the time to do some testing for me? > > > > > > > > > ASA 5508 with 9.10.1 image is OK for you? > > > > I actually have no idea. All I know is what's in > > https://gitlab.com/openconnect/ocserv/issues/188 > > > I think not? I think it was added elsewhere but *not* on 5508, if I'm > reading this correctly: > > https://quickview.cloudapps.cisco.com/quickview/bug/CSCvn63389 The release notes at https://www.cisco.com/c/en/us/td/docs/security/asa/asa910/release/notes/asarn910.html seem to confirm this. DTLS 1.2 support is added to "all ASA models except the 5506-X, 5508-X, and 5516-X". I think the KVM-based ASAv image at https://software.cisco.com/download/home/286119613/type/280775065/release/9.10.1 probably *would* work, if I had a valid Cisco login with support contract associated with it :) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5174 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20190104/bc457245/attachment-0001.bin>
