08-24-2020 06:14 PM
Hi folks.
I have recently, as I'm sure a lot of us have, attempted to tighten security on my global protect portal.
I ran an SSL labs scan on it, and it came back with a B result because of some older cipher suites still being in use - so I made some changes to try and tighten this up.
I was successful - got it up to an A - but it came at a cost.
I, unfortunately, still have numerous Windows 7 workstations (save the outrage, please, I'm well aware of the risks, and there are legitimate reason I can't upgrade them yet), and it seems that tightening these protocols on the firewall completely broke Global protect on the Windows 7 machines. They simply would not connect.
The changes I made were as follows
1. Minimum TLS version set to TLS 1.2
2. Modified shared ssl-tls profile settings as follows
One of these settings simply broke global protect - I had to revert them all (except the SHA1 and RC4)
Has anyone come across his, and know of a solution on he Windows 7 end? Advice to upgrade to Windows 10, while certainly correct, aren't helpful at this point in time - I'm working to get that happening as quickly as I can.
Oh, the GP client running was 5.0.7
Thanks for any input
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
