FreeSoldier
Technical User
Hi,
Our 2012 R2 Windows Server is setup to accept VPN connection via the "Routing and Remote Access" Tool.
We currently only accept L2TP and IKEv2 VPN Connections with a Preshared Key Setting.
Since our business accepted credit cards, we are required to run a PCI scan via trustwave.com.
The PCI scans are failing due to:
Weak Encryption Ciphers identified on VPN Device on port 500 UDP Protocol
Weak Diffie-Hellman groups identified on VPN Device on port 500 UDP Protocol
The remediation recommended are:
Removing support for DES/3DES encryption ciphers on this VPN device.
Use Diffie-Hellman Key Exchange Group 5 or higher where possible, or the highest available to the VPN endpoints.
How can I apply the above remediation to our Server? I have been looking all over the web without much success.
Thanks in Advance for all your help.
Our 2012 R2 Windows Server is setup to accept VPN connection via the "Routing and Remote Access" Tool.
We currently only accept L2TP and IKEv2 VPN Connections with a Preshared Key Setting.
Since our business accepted credit cards, we are required to run a PCI scan via trustwave.com.
The PCI scans are failing due to:
Weak Encryption Ciphers identified on VPN Device on port 500 UDP Protocol
Weak Diffie-Hellman groups identified on VPN Device on port 500 UDP Protocol
The remediation recommended are:
Removing support for DES/3DES encryption ciphers on this VPN device.
Use Diffie-Hellman Key Exchange Group 5 or higher where possible, or the highest available to the VPN endpoints.
How can I apply the above remediation to our Server? I have been looking all over the web without much success.
Thanks in Advance for all your help.
