Meraki

Community

How to disable older TLS versions in the Meraki MX security appliances?

rhamersley
Getting noticed
‎Jun 4 2024 7:15 AM
‎Jun 4 2024 7:15 AM

How to disable older TLS versions in the Meraki MX security appliances?

Meraki security appliance does not have an “SSL Decryption” setting in the dashboard.  How can you enforce higher security standards to block older TLS versions.   Ideally we would like to block all outdated TLS versions.   I do believe Meraki does not provide a direct way to specify TLS versions in Layer 7 rules.   Would like to get insight to see how this is possible.

 

Thank you!!

Labels:
0 Kudos
4 Replies 4
alemabrahao
Kind of a big deal
‎Jun 4 2024 7:30 AM
‎Jun 4 2024 7:30 AM

With MX I believe you won't be able to do anything, you will probably need another solution or even another firewall.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 5 2024 3:01 AM
‎Jun 5 2024 3:01 AM

To add to @alemabrahao answer (which is correct), Cisco would recommend the use of Cisco Umbrella - which only supports TLSv1.2 clients.

 

Both Meraki MX and MR devices have native Umbrella integration options.

https://documentation.meraki.com/MX/Meraki_Umbrella_SDWAN_Connector/Deployment_Guide 

jfigueroa
Here to help
‎Jun 4 2024 12:49 PM
‎Jun 4 2024 12:49 PM

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/FAQ%3A_Meraki_Authent...

0 Kudos
In response to jfigueroa
alemabrahao
Kind of a big deal
‎Jun 4 2024 1:25 PM
‎Jun 4 2024 1:25 PM

This is talking about 802.1x specifically.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.