Jump to content
Welcome to our new Citrix community!

Netscaler VPX SNIP en SSL parameters


Henri Louwes

Recommended Posts

We have two Netscaler VPX nodes in HA mode (primary/secondary).  In one of the two Netscalers I see that the SNIP address has two entries as internal services (nsrpcs-ip.address-3008 (SSL_TCP) and nshttps-ip.address-443 (SSL)) whereas I don't see these entries for the SNIP on the other Netscaler. Is that normal ? If not, how can I correct this ?

Another thing is that although I've disabled the SSL parameters  SSLv3, TPLv1 and TLSv11 for the two SNIP internal services after switching between primary and secondary the SSL parameters are enabled again. Should I disable those SSL parameters in the CLI to get rid of them permanently of is the automaticly enabling caused by something else ?

I hope that someone has the answer, we are bound to only allow TLSv12.

Link to comment
Share on other sites

1 hour ago, Carl Stalhood1709151912 said:

Go to System > Network > IPs. Edit your SNIP. Scroll down and uncheck management access.

 

Is default SSL Profile enabled?

 

Disabling TLS 1 on management services should sync to the other node but you can double-check it.

Hi Carl,

 

Thanks for your quick response, I'll give it a try tomorrow and let you know the outcome :).

 

Kind regards, Henri

Link to comment
Share on other sites

  • 7 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...