ASA - ASDM Cipher security levels
- Configuration --> Device Management --> Advanced --> SSL Settings
- Configuration --> Remote Access VPN --> Advanced --> SSL Settings
Under the configuration of "Encryption", you can set the Cipher Security Level to one of the following settings:
- *All includes all ciphers, including NULL-SHA.
- Low includes all ciphers, except NULL-SHA.
- Medium includes all ciphers, except NULL-SHA, DES-CBC-SHA, RC4-MD5 (this is the default), RC4-SHA, and DES-CBC3-SHA.
- Fips includes all FIPS-compliant ciphers, except NULL-SHA, DES-CBC-SHA, RC4-MD5, RC4-SHA, and DES-CBC3-SHA.
- High includes only AES-256 with SHA-2 ciphers and applies only to TLS version 1.2.
- Custom includes one or more ciphers that you specify in the Cipher algorithms/custom string box. This option provides you with full control of the cipher suite using OpenSSL cipher definition strings.