UTM/AUTH/Verschlüsselung

14.1.0 (08.2025)

[[Datei:]]


			[[Datei: ]]

	1.2	Default: 1.2
	1.3	Default: 1.3
DH Key Size:	4096
\|\| \|\| notempty : v14.1: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256
		notempty : v14.1: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256
Webserver Webserver
			[[Datei: ]]
	1.2	Default: 1.2
Maximale TLS Version:	1.3	Default: 1.3
DH Key Size:
ECDH 384 Bit:
notempty : 14.1 \|\| \|\|

SSL-VPN SSL-VPN
			[[Datei: ]]
	1.2	Default: 1.2
	1.3	Default: 1.3
DH Key Size:
		TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256
		ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
Mailrelay Mailrelay
			[[Datei: ]]
	1.2	Default: 1.2
	1.3	Default: 1.3
DH Key Size:
		ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
Reverse-Proxy Reverse-Proxy
			[[Datei: ]]
	1.2	Default: 1.2
	1.3	Default: 1.3
DH Key Size:
notempty : 14.1 \|\| \|\| ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
		ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

CLI

extc value get application "securepoint_firewall"

application         |variable                       |value
--------------------+-------------------------------+----- 
securepoint_firewall|ANONYMIZELOGS                  |1    
                    |CIPHER_LIST                    |     
                    |CLUSTERADVBASE                 |2    
                    |CLUSTERDEADRATIO               |15   
                    |CLUSTERPREEMTIVE               |0    
                    |CLUSTER_ID                     |1    
                    |CLUSTER_SECRET                 |secret
                    |CRYPTO_OVERRIDE                |0    
                    |DHPARAM_LENGTH                 |2048 
                    |DHPARAM_LENGTH_DEFAULT         |2048 
                    |ECDHE_CURVE                    |secp384r1
                    |FULLCONENAT_ZONE_DST           |external
                    |FULLCONENAT_ZONE_SRC           |internal
                    |HTTP_TRANSPARENT_EXCEPTION_LIST|     
                    |HTTP_TRANSPARENT_LIST          |LAN2 
                    |IPCONNTRACK                    |32000
                    |LANG                           |en_US
                    |LASTRULE_LOGGING               |2    
                    |POP3_TRANSPARENT_EXCEPTION_LIST|     
                    |POP3_TRANSPARENT_LIST          |LAN2 
                    |PPPOE_LCP_ECHO                 |1    
                    |TIF_WHITELIST                  |     
                    |TLS_VERSION_MAX                |1.3  
                    |TLS_VERSION_MAX_DEFAULT        |1.3  
                    |TLS_VERSION_MIN                |1.2 
                    |TLS_VERSION_MIN_DEFAULT        |1.2  
                    |UPDATE_TRIGGER_DELAY           |2    
                    |USE_ECDHE                      |1    
                    |USE_OTP                        |0

extc value set application "securepoint_firewall" variable "TLS_VERSION_MIN" value 1.1

                    |TLS_VERSION_MAX                |1.3  
                    |TLS_VERSION_MAX_DEFAULT        |1.3  
                    |TLS_VERSION_MIN                |1.1  
                    |TLS_VERSION_MIN_DEFAULT        |1.2

extc value get application "webserver"
extc value get application "openvpn"
extc value get application "smtpd"
extc value get application "squid-reverse"

appmgmt restart application "[]"

Webserver

SSL-VPN

Mailrelay

Reverse-Proxy

CLI