This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable TLS 1.1 on UTM

Hello,

When running a scan with nessus, there were errors thrown regarding the usage of unsecure TLS 1.1, I was going to disable it from the server manually, but is it possible to do it from the UI? Will there be an update to disable the depreciated versions?

 

Thanks!



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi  

    If this scan picked up TLS 1.1 for email protection, it is possible to change the TLS version from the GUI. 

    Please navigate to Email Protection > SMTP > Advanced > TLS Settings, you should be able to change TLS version, but ensure you read on the page before making this change.

    Thanks,

  • Hi ,

     

    Thank you for the response, but i do no think it is only for SMTP, it did not specify for SMTP, it might be for the webadmin, is there a way to disable TLS 1.1 and lower without modifying the server?

     

    Thanks

  • Hi and welcome to the UTM Community!

    What version are you on? If below 9.702, apply that Up2Date (DO NOT APPLY 9.703!) and then tell us if you're still seeing TLS 1.1.  Can you tell which port was being scanned when TLSv1.1 was seen?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

     

    Current installed  version is 9.702-1. It was pointing to port 443, I saw the release notes of 703-1 mentioned support for TLS 1.2, would that solve this you think?

     

    Thanks

Reply Children