Hi all,
2012 R2/Windows 8.1 DA environment.
- Windows firewall is on for both clients and server
- KB 2975719, 2993100, 2995004 installed on both client and server, in addition to all updates available via Windows Update
- Server is behind a firewall with a single NIC
- DNS is available externally
- Green ticks across the board on the DA server
- SSL logging enabled as per http://support.microsoft.com/en-au/kb/260729
- Certs issued from internal CA, revocation info confirmed available externally using certutil
- Certificates on the client are confirmed trusted and valid
- Client logs show the client is "unable to contact the DA server", however the server does show the client as connected, but no traffic will flow over the tunnel
- Every time the DA client attempts to connect, the following error is presented in the system event log on the DA server:
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Using Wireshark on the client, the client appeared to be using TLS_RSA_WITH_NULL_SHA256, TLS_RSA_WITH_NULL_SHA, TLS_RSA_WITH_NULL_MD5, so I updated the policy for the DA server to utilise those ciphers first in the list - still no dice.
I have a strong suspicion this is a cert issue - but I'm not sure how - as this is the same method I have used to set up DA quite a few (20+) times - but this is the first time I have run into this issue.
Any help much appreciated.
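
The comparison described in the post (suites seen in the client's ClientHello versus the server's list) can be scripted; this is an added example, not part of the original post. The sample ClientHello bytes, the `AES_ONLY_SERVER` list and all function names are constructed for illustration; the suite code points are the IANA values.

```python
import struct

# IANA code points for the suites named in the post, plus two AES suites
# used only for the constructed server-side list below.
SUITE_NAMES = {
    0x0001: "TLS_RSA_WITH_NULL_MD5",
    0x0002: "TLS_RSA_WITH_NULL_SHA",
    0x003B: "TLS_RSA_WITH_NULL_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256",
}

def offered_suites(record: bytes) -> list:
    """Return the cipher suite names offered in a raw TLS ClientHello record."""
    if len(record) < 9 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) < max(rec_len, 41) or body[0] != 0x01:
        raise ValueError("truncated record or not a ClientHello")
    pos = 4 + 2 + 32                      # handshake header, version, random
    pos += 1 + body[pos]                  # session_id length byte + session_id
    n = struct.unpack(">H", body[pos:pos + 2])[0]
    raw = body[pos + 2:pos + 2 + n]
    if n % 2 or len(raw) != n:
        raise ValueError("malformed cipher_suites vector")
    ids = struct.unpack(">%dH" % (n // 2), raw)
    return [SUITE_NAMES.get(i, "0x%04X" % i) for i in ids]

def negotiable(client: list, server: list) -> list:
    """Suites both sides support, in server preference order."""
    return [s for s in server if s in client]

def build_sample_hello(suite_ids) -> bytes:
    """Constructed minimal ClientHello (no extensions), for offline testing."""
    suites = b"".join(struct.pack(">H", i) for i in suite_ids)
    hello = b"\x03\x03" + bytes(32) + b"\x00"   # TLS 1.2, random, empty session_id
    hello += struct.pack(">H", len(suites)) + suites + b"\x01\x00"
    hs = b"\x01" + struct.pack(">I", len(hello))[1:] + hello
    return b"\x16\x03\x01" + struct.pack(">H", len(hs)) + hs

SAMPLE = build_sample_hello([0x003B, 0x0002, 0x0001])   # constructed input
AES_ONLY_SERVER = ["TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA"]

if __name__ == "__main__":
    client = offered_suites(SAMPLE)
    print("client offers:", client)
    print("shared with AES-only server:", negotiable(client, AES_ONLY_SERVER))
```

An empty result from `negotiable` corresponds to the condition the server's event log message describes: no suite offered by the client is enabled on the server.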