See the overview of Strengthening TLS/SSL Settings for information about weak protocols.
To restrict Access Gateway to communicate with backend web servers only using TLS 1.1 and TLS 1.2 protocols, set the following advanced options:
Click Devices > Access Gateways > Edit > [Name of Reverse Proxy] > [Name of Proxy Service] > Advanced Options and set SSLProxyProtocol TLSv1.1 +TLSv1.2
While setting the protocol, ensure that the web server supports the configured protocol. For example, if Access Manager supports TLS1.1, but the web server does not support that, the connection will fail.
Click Devices > Access Gateways > Edit > Advanced Options, and set SSLProtocol -SSLV2 -SSLV3 -TLSv1 -TLSv1.1 +TLSv1.2
For more information about SSLProxyProtocol directives, see SSLProxyProtocol Directive documentation.