12/11/2023 0 Comments Tls versions end of life![]() ![]() If Duo check is successful, Duo RD Gateway module on RD Gateway server contacts Duo API again to send the 2FA auth request - outbound request from RD Gateway server will need to be TLS 1.2 with allowed ciphers (from the.Duo RD Gateway module on RD Gateway server contacts Duo API as a health check - outbound request from RD Web server will need to be TLS 1.2 with allowed ciphers (from the.End-user client connects to RD Gateway - use whatever TLS/Ciphers the RD Gateway server accepts.After Duo success the user continues with remote sessionĭuo installed on RD Gateway (the difference here is that the RD client never communicates directly with Duo):.If the user picks Duo Push the request goes to the user’s phone with Duo Mobile installed - mobile OS much be able to communicate with Duo service using TLS 1.2 with allowed ciphers.If Duo check is successful, client browser loads the interactive prompt from Duo’s service - browser comms from client to Duo will need to be TLS 1.2 with allowed ciphers. ![]() Duo RD Web module on RD Web server contacts Duo API as a health check - outbound request from RD Web server will need to be TLS 1.2 with allowed ciphers (from the.End-user client connects to RD Web - use whatever TLS/Ciphers the RD Web server accepts.So this change with Duo means that it will actively refuse to connect if the client and/or server doesn’t support TLS 1.2 However, they’re all Windows 10 or 11 with regular updates so I’d expect them to be supporting TLS 1.2 or 1.3. In terms of #3 endpoints, the clients don’t have the more expensive license which would show information about endpoints. In terms of phones, there is one phone listed as end-of-life (Android 9 and below) and five out-of-date (all IOS). That suggests to me that the Windows server is using TLS 1.2. That reports that this connection is secure and using TLS 1.2. In terms of #1, I’ve loaded the RDS web console ( and looked in dev tools. Collection of Windows PCs used to run remote desktop connection to connect to RDS.Various Android and IOS devices running the Duo app to response to pushes.The Windows 2019 server hosting the above apps for remote desktop services (RDS).The email isn’t very useful on narrowing down which devices so I’m a bit lost! AFAIK, there are three possible targets: They’ve all received the email about TLS 1.0 and 1.1 been depreciated and that they have devices still using these protocols. Several of my clients use Duo Authentication for Remote Desktop Gateway and Duo for Remote Desktop Web Access.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |