Disable TLS 1.0 on Windows Server 2012 R2 NPS

  • Thread starter Yordan Yordanov
  • Start date
Y

Yordan Yordanov

I have NPS on Windows Server 2012 R2 set up for 802.X authentication with EAP-PEAP-MSCHAPv2. Recently I disabled weak security protocols on the server - SSL 3 and TLS 1.0. This caused 802.1X authentication failures on the domain-joined machines (the machine doesn't connect to the wireless network neither with the machine account, nor with a user account). They are Windows 10 1709 and as far as I know they support TLS 1.2 which should also be supported by the server (and it is explicitly enabled in the Registry). I had to reenable TLS 1.0 (server) and TLS 1.0 (client) in order to mitigate the issue. But is it possible to enable only TLS 1.1 and 1.2 without causing any trouble? And what clients will be affected if implemented?

Continue reading...
 
You must log in or register to reply here.

Similar threads

A
Windows Server 2012 R2 Remote Desktop Unaccessible to Users
Replies
0
Views
38
Ahmad Dhamiri Muhammad Farhan
A
S
Enable TLS 1.3 on IIS Web Server with Windows 2022
Replies
0
Views
14
Sameer Rao
S
K
Windows Server 2012 R2 unable to connect to SQL Server 2014 using stronger cipher suites
Replies
0
Views
49
Khoh Keng Guan Jimmy (NCS)
K
R
Explicit EAP error 0x9009030C. Authentication failed due to a user credentials mismatch on NPS server
Replies
0
Views
30
ronnieshih
R
I
Windows server 2012 R2 : KB5039294 "we couldn't complete the update"
Replies
0
Views
36
Itsarapong Intoum
I
Back
Top Bottom