How can I force NetExtender connection to TLS 1.2
Hello all. We have an SMA400 connected to a Sonicwall nsa-2650 firewall. Remote users are all running one of the latest version of Win 10 Pro. On the SMA400 I set "Customize TLS version" to TLSv1.2 and I set "Ciphersuites" to Modern Capability. I also checked, "Enforce Forward Secrecy." On the firewall under "SSL Control" I set it to log events (not block them), and I checked all of the boxes for detecting certificate related issues. When some users connect via NetExtender, the firewall is reporting that they are using "Weak Ciphers" and are version SSLv2. So, why is this happening? What is driving the negotiations down? Shouldn't the settings I put in place on the SMA400 keep this from occurring?
ab4ok Newbie ✭
UPDATE We were on firmware version 184.108.40.206-something, so I upgraded our SMA400 to the latest version, 10.2.0.1-something, and so far I have not seen any more "weak cipher" logs for our Netextender users.0
Thanks for sharing the update and I am glad that updating the firmware took care of your issue.
Technical Support Advisor, Premier Services