Description | This article describes how to troubleshoot SSL-VPN issue with TLS Cipher Suites in Windows. |
Scope | SSL-VPN |
Solution |
When SSL-VPN issue are troubelshooted with TLS Cipher Suites in Windows first, it is necessary to check that TLS Cipher Suites are configured in FortiGate.
For example from FortiGate config SSL-VPN settings:
set ciphersuite TLS-CHACHA20-POLY1305-SHA256
From Microsoft info, it is possible to see that these Cipher Suites are not available in Windows 10: https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-10-v20h2
But are available in Windows 11: https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-11
Recommendations: 1) Only Windows 11 is used with these Cipher Suites. 2) Other Cipher Suites are available in all FortiOS for configuration. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.