tag:blogger.com,1999:blog-1740550564148120237.post6728417149172633264..comments2023-09-23T07:51:06.345-07:00Comments on NetScanTools® Inside Out: How to use Remote Desktop to access Windows Server 2012 from Windows 7 with TLS 1.0 DisabledUnknownnoreply@blogger.comBlogger11125tag:blogger.com,1999:blog-1740550564148120237.post-69878616141360914772015-11-05T10:52:02.872-08:002015-11-05T10:52:02.872-08:00Ok, the problem might have been I was download the...Ok, the problem might have been I was download the update and thought I was installing it but it wasn't doing anything. In Windows updates, it was an "optional" update and it wasn't unflagging it optional by going outside of Windows updates. I had to go to windows updates, click on settings, find the optional update and install it via windows updates. It says 8.1 now. I haven't tested it but I would presume it is going to work now. Thanks for you help. I let you otherwise, but I'm 90% sure I'm set now. Why Microsoft makes "security" so difficult and "optional" is very confusing to me.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-64871686708512492222015-11-05T09:09:56.830-08:002015-11-05T09:09:56.830-08:00I would go back to the KB 2592687 article. There w...I would go back to the KB 2592687 article. There was a prerequisite hotfix you have to apply before downloading and installing the new RDP. You also had to Enable the Update on the Client afterwards in the registry. Not a simple process. I assume you have Win7 sp1 because that is also required.Kirk Thomashttps://www.blogger.com/profile/01196946760222412036noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-24360109263840699872015-11-05T07:43:26.577-08:002015-11-05T07:43:26.577-08:00Ok, found the about and despite installing the KB ...Ok, found the about and despite installing the KB and rebooting, the RDP client does say it is still RDP 7.1 supported.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-37657412432200333112015-11-04T14:37:03.206-08:002015-11-04T14:37:03.206-08:00Well, I don't know why it didn't work. Are...Well, I don't know why it didn't work. Are sure TLS 1.1 and 1.2 are enabled on the server? Did you reboot your win 7 box after installing the later RDP? Our Win 7 RDP client is v6.2.9200 and it says Remote Desktop Protocol 8.0 supported at the bottom. You get to the about window by clicking on the upper left icon on the RDP window. If you have win 8.x or win 10, none of this matters because they support RDP 8.1 now.Kirk Thomashttps://www.blogger.com/profile/01196946760222412036noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-54741769491681577852015-11-04T14:25:31.139-08:002015-11-04T14:25:31.139-08:00It didn't work. Even with the KB installed on...It didn't work. Even with the KB installed on the client, once TLS 1.0 is turned off on the server, I can no longer access it with RDP. I immediately get "This computer cannot be connected to remote computer" Very aggravating trying to solve this. However, thanks for your help.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-43037672433579273372015-11-04T14:09:21.364-08:002015-11-04T14:09:21.364-08:00uh, duhh. {Hammer to the head} lol
Sorry about t...uh, duhh. {Hammer to the head} lol<br />Sorry about that. Running around chasing my tail over this.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-28874513056881560152015-11-04T13:43:20.215-08:002015-11-04T13:43:20.215-08:00That's the whole point of the article. Older R...That's the whole point of the article. Older RDP only maxes out at TLS 1.0. You have to get RDP 8 or newer if you want to use TLS 1.1 and 1.2. TLS 1.0 is off on our 2012 box that I used as an example.<br /><br />Yes, those are settings for the whole server. There is only one place to make those changes and they effect the whole system.<br /><br />Follow the link in the article to get a newer RDP client and it will work fine with 1.1 and 1.2.Kirk Thomashttps://www.blogger.com/profile/01196946760222412036noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-66385803249523693182015-11-04T13:33:55.037-08:002015-11-04T13:33:55.037-08:00Yep, they were right. I turned off TLS 1.0 and I c...Yep, they were right. I turned off TLS 1.0 and I can no longer get to the win-server 2012 machine using RDP.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-38238125913685481942015-11-04T13:32:33.712-08:002015-11-04T13:32:33.712-08:00Well, I use IISCrypto that makes all those registr...Well, I use IISCrypto that makes all those registry changes for me automatially. However, those are setting the security protocols for the whole server, not specifically RDP. I am warned that RDP ONLY supports TLS 1.0 and if I turn TLS 1.0 off, RDP will stop working. ;) Everything I read says Microsoft RDP ONLY support TLS 1.0.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-38786163798913407722015-11-04T13:18:40.524-08:002015-11-04T13:18:40.524-08:00You can make the client or server not use TLS 1.0 ...You can make the client or server not use TLS 1.0 by going to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\TLS 1.0<br /><br />Add a Client or Server key depending on which system you are on. Your 2012 box would have the Server key and your RDP client box would have the Client key. In that key add a DWORD value DisabledByDefault with a value of 1. Also add another DWORD key Enabled with a value of 0. You have to reboot for these changes to take effect.Kirk Thomashttps://www.blogger.com/profile/01196946760222412036noreply@blogger.comtag:blogger.com,1999:blog-1740550564148120237.post-64992292352446909232015-11-04T12:57:28.678-08:002015-11-04T12:57:28.678-08:00How do you turn off TLS 1.0 on Windows 2012 RDP? ...How do you turn off TLS 1.0 on Windows 2012 RDP? Thanks.Imspadhttps://www.blogger.com/profile/10857927809818199249noreply@blogger.com