Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
ctanev1
Staff
Staff

Created on ‎08-04-2022 06:17 AM Edited on ‎08-04-2022 06:18 AM By Community Manager

Article Id 219748

Troubleshooting Tip: TLS Cipher Suites in Windows

Description This article describes how to troubleshoot SSL-VPN issue with TLS Cipher Suites in Windows.
Scope SSL-VPN
Solution

When  SSL-VPN issue are troubelshooted with TLS Cipher Suites in Windows first, it is necessary to check that TLS Cipher Suites are configured in FortiGate.

 

For example from FortiGate config SSL-VPN settings:

 

set ciphersuite TLS-CHACHA20-POLY1305-SHA256

 

From Microsoft info, it is possible to see that these Cipher Suites are not available in Windows 10:

https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-10-v20h2

 

But are available in Windows 11:

https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-11

 

Recommendations:

1) Only Windows 11 is used with these Cipher Suites.

2) Other Cipher Suites are available in all FortiOS for configuration.
1043
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.