LDAPS fails on windows 2012 r2 "SCHANNEL error" Incompatible cipher suites

Question

All, 
 
 I can't seem to get LDAPS working when connecting to a 2012 R2 domain controller, in the past I never had this problem. This is the error I receive on the windows server: 
 A TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 
 I seems that the Sophos UTM does not use any of the cipher suites supported by 2012 R2, which I find odd. 
 UTM has been updated to the latest version. 
 
 Best regards!

yannick wellens · Answer

Hi Bob, 
 I updated the 2012 R2 with the latest patches, however I still have the same problem. 
 Best regards 
 
 *EDIT* 
 Disabling TLS1.2 fixes the issue, it seems that TLS1.2 can not be used to negotiate LDAPS between Sophos and Windows server 2012 R2. I found the solution in the last post on this page: 
 https://social.technet.microsoft.com/Forums/ie/en-US/33258ad8-2a6b-4421-9253-4e0bda459e7b/how-to-enable-tls-12-on-windows-server-2012-r2-for-ldaps-clients?forum=winserversecurity 
 
 To be honest, this is not a real solution as we now have to disable TLS1.2 on the windows server in order to link the Sophos UTM