Newer versions of Chrome, Firefox, Internet Explorer and other browser will no longer connect to servers enabled with RC4 ciphers.
If your Opengear appliance is running firmware 3.16.4 or Lighthouse 4.5.5u1 and older you may see one of the following messages on your browser:
Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP
Hostname uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://hostname again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.
Login as root or an admin user on the CLI and run the following command so the latest browsers can still access the GUI:
config -s config.https.customciphers="AES256-SHA:-aNULL:-eNULL:-EXP:-SSLv2:@STRENGTH" -r ssl
If the configuration is reset to factory default, you will need to apply the command again. Opengear strongly recommend upgrading to the latest firmware which removes RC4 and provide TLS1.2 support by default:
Note: When the upgrade is completed remove the customciphers option with the following command:
config -d config.https.customciphers -r ssl