NetExtender - no support for TLS 1.3?
tabbit
Newbie ✭
Hello,
we're using SMA 500v - in the configuration I can set the appliance to only use TLS 1.3 - but when I do this, I cannot connect to it using NetExtender anymore. Setting back to TLS 1.2+ solves this issue.
This means, NetExtender currently does not support TLS 1.3, right? When will this be coming?
Thanks for your feedback on this.
Category: Secure Mobile Access Appliances
0
Answers
Any feedback from Sonicwall? @Micah?
Hi @tabbit
You are correct that Netextender on Windows does not support TLS 1.3.
If you look at page 87 in the Admin Guide this is documented.
https://www.sonicwall.com/techdocs/pdf/sma_100-10-2-administration_guide.pdf
Thanks a lot for this information!
I could see in the documentation, that NetExtender for Linux does indeed support TLS 1.3, only the Windows client doesn't.
Do you know whether there are plans to support it in upcoming versions?
Hi @tabbit
In the future, we must have a Windows tunnel client for the SMA 100 product line that supports TLS1.3. I am not certain when that will be implemented. I don't have complete visibility into the Netextender road map and timeline.
@Simon @tabbit the future is now (2 years later) and NetExtender still does not support TLS 1.3, feels embarrassing and isn't funny anymore.
I would like to have my SMAs running in TLS 1.3 mode only, which is OK for MobileConnect but not for NetExtender. Even if I select Wireguard as protocol in NetExtender, some chit chat is done via HTTPS which fails because of TLS 1.3.
@Simon @Community Manager could you please check this with product management and provide a realistic date when this will be implemented, doesn't sound like rocket science to me.
--Michael@BWC