View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Disabling TLS 1.0/1.1

This thread has been viewed 21 times
  • 1.  Disabling TLS 1.0/1.1

    Posted Aug 18, 2022 11:48 AM

    We are disabling TLS 1.0/1.1 in our environment. This includes browsers, PC's, servers, etc. Will this affect my authentication in any way? We are using EAP-TLS for our authentication method. We have an authorization source for using Intune and an authentication source of AD for on-prem machines.

  • 2.  RE: Disabling TLS 1.0/1.1

    Posted Aug 18, 2022 06:09 PM
    It could.  Do you have any old clients that may not support TLS 1.2?

  • 3.  RE: Disabling TLS 1.0/1.1

    Posted Aug 19, 2022 04:24 AM
    You may for clients that you are not sure about run a (wireless) packet capture and check the TLS version used:

    I see occasionally issues after disabling TLS1.0/1.1, but those are in general old devices. Windows 10/11, versions of iOS/Android that are not older than let's say 5-8 years, should all support TLS1.2.

    EDIT: I just see this article that even states that ClearPass 6.9 and up have TLS1.0/1.1 disabled by default.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.