9/2/2023 0 Comments Global vpn client vs ssl vpn![]() The only solution that works, at this time, is to manually uninstall KB5018410 and pause updates to prevent reinstallation. I also used the IIS Crypto software from Nartac to explicitly enable all legacy cipher suites on several affected client workstations, which similarly failed to resolve the issue. Though "common algorithm" sounds more like a cipher, hash, or key exchange issue, I enabled all legacy version of TLS on the client computers via the appropriate registry keys to no avail: they still could not connect with KB5018410 installed. While I suppose it's possible that something changed server-side, I deem it extremely unlikely to be related since clients connect fine until KB5018410 is installed, cannot connect once it is installed, then connect again without issue once it's uninstalled and updates are paused. However, there's little my team can do about it since it's under the control of another entity for whom our organization does a very large portion of our work via the aforementioned SSL VPN. Yes, I am aware that the destination VPN server is well past EoL. Removal of KB5018410 resolves the issue, but Windows Update must also be paused on the client computers to prevent reoccurrence from the update simply reinstalling. ![]() The client workstations are able to attach to the SSL VPN and everything functions properly until KB5018410 is installed on clients on either of builds 21H1 or 21H2, at which point clients receive the message "client and server can't communicate because they don't possess a common algorithm". Server: Windows 2008 R2 using a self-signed certificate. SSL VPN connections using built-in Windows VPN client. As stated in the subject, Windows 10 update KB5018410 breaks currently functional SSL VPN connections.Ĭlients: Windows 10 Professional.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |