D-Link Forums

D-Link Enterprise => DGS-1500-Series => Topic started by: cpab on November 01, 2021, 02:53:14 AM

Title: Only weak SLL/TLS cipher suites available for recent smart switches
Post by: cpab on November 01, 2021, 02:53:14 AM

It seems recent star switches (e.g. dgs-1520) so not support secure cipher suites (not according to manual, not in the web UI, not via console). Most of the ciphers offered are deprecated since years (e.g. RC4, MD5, 3DES, ...)
Recent key exchange algorithms are not supported. Also encryption just supports CBC mode, no CTR or CGM.
While I can configure my SSH client to accept this deprecated ciphers, it doesn't work with the web interface. Recent, Chrome, Edge, Firefox, all refuse to even establish a connection. I had to use an old IE.

As DGS-1520 seems to be a recent business product, I am wondering "a bit"...