Skip to end of metadata
Go to start of metadata


Description:

The Voracle security vulnerability allows to draw conclusions regarding the complexity of the used password when using SSL VPN with active compression and certain circumstances are met. Therefore LANCOM Systems recommends to generally deactivate compression for SSL VPN connections.

This Knowledge Base article describes how to deactivate compression for SSL VPN connections on a Unified Firewall.


Requirements:

  • LANCOM R&S®Unified Firewall with LCOS FX as of version 10.2
  • Already configured SSL VPN connection
  • Web browser for configuring the Unified Firewall.

    The following browsers are supported:
    • Google Chrome
    • Chromium
    • Mozilla Firefox


Procedure:

1) Connect to the Unified Firewall via a web browser and go to the menu VPN → VPN SSL → VPN SSL Settings.

2) Deactivate - if active - the option Compression for the used mode an click Save:

Please note, that Compression has to be deactivated on both Unified Firewalls when using the modes Site-to-Site and Bridging


Client-to-Site:



Site-to-Site:



Bridging: