Hello, some news about tls 1.2 which belong to PAN-OS 6.0 previous releases of PAN-OS only supported TLS version 1.1. This release provides the Palo Alto Networks firewall with the ability to decrypt inbound sessions and forward proxy sessions that negotiate with TLS 1.2. With this release TLS 1.2 is enabled by default and cannot be disabled. This implementation includes the following details: TLS 1.2 is supported as defined by RFC 5246. The following additional cipher suites are supported: TLS_RSA_WITH_AES_128_CBC_SHA256 and TLS_RSA_WITH_AES_256_CBC_SHA256. Newer unsupported versions of TLS (1.3+) will be downgraded to 1.2 when used with the PAN-OS. without any limitation for specific models
... View more