Management Articles

Announcements
Customer Notice: we are currently experiencing login issues with Live. We are working to resolve this as quickly as possible. Thanks for your patience.

SSL Decryption Not Working due to Unsupported Cipher Suites

by panagent on ‎01-13-2012 08:18 AM (29,412 Views)

Issue

With Inbound SSL decryption, after the required configuration and import of all required certificates, the inbound SSL decryption is not working on the web server.

Similarly when using SSL Forward Proxy, sessions are either not getting decrypted and continue to show as application"ssl", or connections are not allowed through as application "ssl" and are instead being interrupted.

Details

Palo Alto Networks devices decrypts and supports the five cipher suites shown below:

  1. RSA-AES256-CBC-SHA Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
  2. RSA-AES128-CBC-SHA Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
  3. RSA-3DES-EDE-CBC-SHA Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
  4. RSA-RC4-128-MD5 Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
  5. RSA-RC4-128-SHA Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)

Using the following CLI command, look for the type of drop message:

> show counter global filter delta yes | match ssl_sess_id_resume_drop

From PAN-OS 6.0, the show counter global command will show if a cipher suite is unsupported.

With a PCAP filter applied and using delta counters:

> show counter global filter packet-filter yes delta yes

or

> show counter global filter delta yes | match "ssl_server_cipher_not_supported"

...

...

ssl_server_cipher_not_supported 2 0 warn ssl pktproc The cipher chosen by server is not supported

Resolution

Disable the unsupported cipher suites on the web server.

Note: TLS 1.2 support has been added starting with PAN-OS 6.0, with the addition of the following cipher suites:

PAN-OS 6.0

  • TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
  • TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)

PAN-OS 7.0

  • TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
  • TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)

See Also

Palo Alto Networks Supported SSL/TLS Version and Cipher Suites for Web UI

owner: panagent

Comments
by Kim_Hansen
on ‎10-22-2014 09:48 AM

Hi,

When will Palo Alto support Forward Secrecy?

Specially the Elliptic Curve cryptography (ECDHE) cipher suites.

...because ECDHE suites are faster than DHE suites.

- Kim

by Kim_Hansen
on ‎11-12-2014 02:43 AM

Hi,

Yesterday Microsoft discovered som issues in in Schannel that could Allow Remote Code Execution (2992611) - MMS14-066 - Critical:

Microsoft Security Bulletin MS14-066 - Critical

They also implemented the following New cipher suites:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

TLS_DHE_RSA_WITH_AES_256_GCM_SHA256

TLS_RSA_WITH_AES_256_GCM_SHA384

TLS_RSA_WITH_AES_256_GCM_SHA256

When will at least the TLS_RSA cipher suites be supported?

- Kim

by mr.linus
on ‎05-18-2015 06:37 AM

cipher suites update:

PanOS 6.0.x - 6.1.x.

(No cipher suit sets have been added in 6.1.x. since 6.0.x)

SSLv3, TLSv1.0, TLSv1.1, and TLSv1.2 supported;

RSA key sizes 512-8192-bits supported;

RSA-AES256-CBC-SHA

RSA-AES128-CBC-SHA

RSA-3DES-EDE-CBC-SHA

RSA-RC4-128-SHA

RSA-RC4-128-MD5

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA256

PanOS7.0.0

(It is not documented yet, but you can rely on what you see in Decryption profile > SSL protocol Settings.

Combination of Encryption and Authentication algorithms make all possible cipher suites.)

Encr:

3DES, RC4, AES128-CBC, AES256-CBC, AES128-GCM, AES256-GCM

Auth:

MD5, SHA1, SHA256, SHA384

Scope also depends on the protocol version: SSLv3.0, TLSv1.0, TLSv1.1, TLSv1.2

by sobanskipalo
on ‎06-16-2015 09:02 AM

Anybody have an edit for java.properties to ensure my server only negotiates the supported ciphers?

by thomas.schmitz
on ‎07-29-2015 11:43 PM

In the current implementation probably never. Decrypting PFS requires reverse proxy mechanisms which are not part of PAN OS right now.

by EdwinD
on ‎05-08-2016 07:54 AM

Regarding this

>>When will Palo Alto support Forward Secrecy?

>>>In the current implementation probably never.

 

Never say never.  Palo Alto Networks firewalls now support PFS when performing SSL Forward Proxy decryption. PFS ensures that data from the session undergoing SSL Forward Proxy decryption cannot later be retrieved in the event that server private keys are compromised. You can enforce Diffie-Hellman key exchange-based PFS (DHE) and/or elliptic curve Diffie-Hellman-based PFS (ECDHE) with SSL Forward Proxy.

 

New in PanOS 7.1 - Perfect Forward Secrecy (PFS) Support with SSL Forward Proxy Decryption

 

PFS Documentation ( PanOS 7.1 )

 

Edwin

(I am a customer of Palo Alto Networks products, not an employee.)

 

 

by thomas.schmitz
on ‎07-25-2016 11:53 PM

@EdwinD: That goes for forward decryption which ever was proxy-based. This article is about inbound decryption and as I said, we would require reverse-proxy-like functionality if PAN would ever allow us to decrypt PFS inbound.

Register now
Ask Questions Get Answers Join the Live Community
Contributors