Configuring encryption key algorithms
The FortiGate unit supports a range of cryptographic cipher suites to match the capabilities of various web browsers. The web browser and the FortiGate unit negotiate a cipher suite before any information (for example, a user name and password) is transmitted over the SSL link. You can only configure encryption key algorithms for SSL VPN in the CLI.
To configure encryption key algorithms - CLI:
Use the following CLI command,
config vpn ssl settings
set algorithm <cipher_suite>
where one of the following variables replaces <cipher_suite>:
||Use any cipher suite; AES, 3DES, RC4, or DES.|
||Use a 128-bit or greater cipher suite; AES, 3DES, or RC4.|
||Use a ciper suite grather than 128 bits; AES or 3DES.|
Note that the
algorithm <cipher_suite> syntax is only available when the
sslvpn-enable attribute is set to enable.