Article Id 317542
Description: This article addresses the connectivity problem that occurs when the use of the TLS 1.3 protocol is enforced for SSL VPN connections from remote users on Windows 10 machines running FortiClient.
Scope: FortiGate, Windows 10 machines.
Solution

Objective:

SSL VPN connectivity problem when enforcing the TLS 1.3 protocol on Windows 10 machines, and a possible workaround.

Introduction:

Some organizations prefer to enforce the secure TLS 1.3 protocol, with its secure cipher suites, for remote SSL VPN connections to internal resources. In that case the administrator enables only the TLS 1.3 protocol for the connection, on both the FortiGates and the remote Windows 10 machines.

On Windows 10 machines, the administrator can enforce the use of TLS 1.3 under Internet Options -> Advanced -> Settings by selecting the 'Use TLS 1.3' option, as shown below:

[Screenshot image-1.png: Internet Options -> Advanced -> Settings, showing the 'Use TLS 1.3' option]

As the screenshot shows, Windows 10 labels TLS 1.3 as an experimental protocol, and its implementation may lack some of the secure algorithms of the finalized TLS 1.3 protocol.

To enforce the use of the TLS 1.3 protocol on the FortiGate, make sure that both ssl-min-protocol-ver and ssl-max-protocol-ver are set to TLS 1.3, as shown below:

[Screenshot image-2.png: FortiGate SSL VPN settings with ssl-min-protocol-ver and ssl-max-protocol-ver set to TLS 1.3]

In this scenario the SSL VPN connection fails: remote Windows 10 FortiClient users cannot connect to the SSL VPN to reach internal corporate resources. The problem does not affect remote SSL VPN users on Windows 11 or macOS machines.

Workaround for Windows 10:

When the requirement is to use the secure TLS 1.3 protocol, the workaround for this connectivity problem on Windows 10 machines is to disable the weak TLS 1.2 ciphers and to enable TLS 1.2 alongside TLS 1.3 on both the FortiGates and the Windows 10 machines.

Debug Output:

With the workaround in place, the debug output below shows that the SSL VPN connection first uses TLS 1.2 for the initial TLS negotiation between the FortiGate and the Windows 10 machine and then switches to the TLS 1.3 protocol (compare the two 'SSL established:' lines):

[5591:root:1e]allocSSLConn:307 sconn 0x7fb7156a00 (0:root)
[5591:root:1e]SSL state:before SSL initialization (10.9.10.119)
[5591:root:1e]SSL state:before SSL initialization (10.9.10.119)
[5591:root:1e]no SNI received
[5591:root:1e]client cert requirement: no
[5591:root:1e]SSL state:SSLv3/TLS read client hello (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write server hello (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write certificate (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write key exchange (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write server done (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write server done:system lib(10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write server done (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS read client key exchange (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS read change cipher spec (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS read finished (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write session ticket (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write change cipher spec (10.9.10.119)
[5591:root:1e]SSL state:SSLv3/TLS write finished (10.9.10.119)
[5591:root:1e]SSL state:SSL negotiation finished successfully (10.9.10.119)
[5591:root:1e]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
.
.
.
[5592:root:1e]allocSSLConn:307 sconn 0x7fb7156a00 (0:root)
[5592:root:1e]SSL state:before SSL initialization (10.9.10.119)
[5592:root:1e]SSL state:before SSL initialization (10.9.10.119)
[5592:root:1e]no SNI received
[5592:root:1e]client cert requirement: no
[5592:root:1e]SSL state:SSLv3/TLS read client hello (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write server hello (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write change cipher spec (10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 early data (10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 early data:system lib(10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 early data (10.9.10.119)
[5592:root:1e]no SNI received
[5592:root:1e]client cert requirement: no
[5592:root:1e]SSL state:SSLv3/TLS read client hello (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write server hello (10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 write encrypted extensions (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write certificate (10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 write server certificate verify (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write finished (10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 early data (10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 early data:system lib(10.9.10.119)
[5592:root:1e]SSL state:TLSv1.3 early data (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS read finished (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write session ticket (10.9.10.119)
[5592:root:1e]SSL state:SSLv3/TLS write session ticket (10.9.10.119)
[5592:root:1e]SSL established: TLSv1.3 TLS_AES_256_GCM_SHA384
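
The 'SSL established:' lines are the quickest way to confirm that the workaround is in effect after a change. The following Python script is an added example, not part of this article or of Fortinet's tooling: it parses debug lines in the format shown above, groups them by connection id, and flags any connection that was established with something other than a TLS 1.3 suite or a forward-secret AEAD TLS 1.2 cipher. That acceptance policy is this example's own assumption, not a FortiGate setting, and the third connection in the sample is constructed to show what gets flagged.

```python
import re

# Constructed sample in the format of the FortiGate SSL VPN debug output above:
# connections 5591/5592 reuse the TLS 1.2 and TLS 1.3 lines shown on this page,
# 5593 is a constructed legacy-cipher case to show what the audit flags.
SAMPLE_DEBUG = """\
[5591:root:1e]SSL state:SSLv3/TLS read client hello (10.9.10.119)
[5591:root:1e]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[5592:root:1e]SSL state:TLSv1.3 early data (10.9.10.119)
[5592:root:1e]SSL established: TLSv1.3 TLS_AES_256_GCM_SHA384
[5593:root:1e]SSL state:SSLv3/TLS read client hello (10.9.10.120)
[5593:root:1e]SSL established: TLSv1.2 AES256-SHA
"""

# [pid:vdom:id] prefix, then a state line ending in the client IP or the final summary.
STATE = re.compile(r"^\[(?P<pid>\d+):[^\]]*\]SSL state:.*\((?P<ip>[\d.]+)\)$")
ESTABLISHED = re.compile(
    r"^\[(?P<pid>\d+):[^\]]*\]SSL established: (?P<proto>TLSv1\.\d) (?P<cipher>\S+)$")

def cipher_is_acceptable(proto, cipher):
    """Policy assumed by this example (not FortiGate's own list): any TLS 1.3 suite is
    fine; TLS 1.2 only with forward-secret ECDHE and an AEAD cipher (GCM/CHACHA20)."""
    if proto == "TLSv1.3":
        return cipher.startswith("TLS_")
    if proto == "TLSv1.2":
        return cipher.startswith("ECDHE-") and ("GCM" in cipher or "CHACHA20" in cipher)
    return False

def audit_sslvpn_debug(text):
    """Map each connection id to its client IP, negotiated protocol, cipher and
    whether that combination satisfies the policy above."""
    clients, results = {}, {}
    for line in text.splitlines():
        if m := STATE.match(line):
            clients[m["pid"]] = m["ip"]          # remember the peer for this connection
        elif m := ESTABLISHED.match(line):
            results[m["pid"]] = {
                "client": clients.get(m["pid"]),
                "proto": m["proto"],
                "cipher": m["cipher"],
                "ok": cipher_is_acceptable(m["proto"], m["cipher"]),
            }
    return results

if __name__ == "__main__":
    for pid, r in audit_sslvpn_debug(SAMPLE_DEBUG).items():
        status = "ok  " if r["ok"] else "WEAK"
        print(f"{status} conn {pid} {r['client']}: {r['proto']} {r['cipher']}")
```

Run it against the output of the SSL VPN debug on the FortiGate after applying the workaround; a clean result is one with no WEAK lines.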

Conclusion:

If the corporate security requirement is to use the secure TLS 1.3 protocol for SSL VPN connections, then disabling the weak TLS 1.2 ciphers and enabling TLS 1.2 in addition to TLS 1.3 on both the FortiGates and the remote Windows 10 machines is a valid and secure alternative that avoids the connectivity problem.