Merge pull request #47694 from cherylmc/tls

ktoliver · web-flow · commit e5076c7e1b31 · 2018-07-30T14:41:18.000-07:00
tls
diff --git a/articles/vpn-gateway/vpn-gateway-vpn-faq.md b/articles/vpn-gateway/vpn-gateway-vpn-faq.md
@@ -2,18 +2,11 @@
 title: Azure VPN Gateway FAQ | Microsoft Docs
 description: The VPN Gateway FAQ. FAQ for Microsoft Azure Virtual Network cross-premises connections, hybrid configuration connections, and VPN Gateways.
 services: vpn-gateway
-documentationcenter: na
 author: cherylmc
-manager: jeconnoc
-editor: ''
 
-ms.assetid: 6ce36765-250e-444b-bfc7-5f9ec7ce0742
 ms.service: vpn-gateway
-ms.devlang: na
-ms.topic: get-started-article
-ms.tgt_pltfrm: na
-ms.workload: infrastructure-services
-ms.date: 06/06/2018
+ms.topic: conceptual
+ms.date: 07/27/2018
 ms.author: cherylmc
 
 ---
diff --git a/includes/vpn-gateway-faq-p2s-all-include.md b/includes/vpn-gateway-faq-p2s-all-include.md
@@ -5,10 +5,14 @@
  author: cherylmc
  ms.service: vpn-gateway
  ms.topic: include
- ms.date: 06/04/2018
+ ms.date: 07/30/2018
  ms.author: cherylmc
  ms.custom: include file
 ---
+### How many VPN client endpoints can I have in my Point-to-Site configuration?
+
+We support up to 128 VPN clients to be able to connect to a virtual network at the same time.
+
 ### <a name="supportedclientos"></a>What client operating systems can I use with Point-to-Site?
 
 The following client operating systems are supported:
@@ -25,13 +29,7 @@ The following client operating systems are supported:
 * Linux (StrongSwan)
 * iOS
 
->[!NOTE]
->[!INCLUDE [TLS](vpn-gateway-tls-updates.md)]
->
-
-### How many VPN client endpoints can I have in my Point-to-Site configuration?
-
-We support up to 128 VPN clients to be able to connect to a virtual network at the same time.
+[!INCLUDE [TLS](vpn-gateway-tls-updates.md)]
 
 ### Can I traverse proxies and firewalls using Point-to-Site capability?
 
diff --git a/includes/vpn-gateway-faq-p2s-radius-include.md b/includes/vpn-gateway-faq-p2s-radius-include.md
@@ -43,4 +43,4 @@ When using Azure for certificate authentication, the Azure VPN gateway performs
 
 ### Does RADIUS authentication work with both IKEv2, and SSTP VPN?
 
-Yes, RADIUS authentication is supported for both IKEv2, and SSTP VPN.  
+Yes, RADIUS authentication is supported for both IKEv2, and SSTP VPN. 
diff --git a/includes/vpn-gateway-tls-include.md b/includes/vpn-gateway-tls-include.md
@@ -0,0 +1,29 @@
+---
+ title: include file
+ description: include file
+ services: vpn-gateway
+ author: cherylmc
+ ms.service: vpn-gateway
+ ms.topic: include
+ ms.date: 07/27/2018
+ ms.author: cherylmc
+ ms.custom: include file
+---
+
+
+1. Open a command prompt with elevated priveleges by right-clicking on **Command Prompt** and selecting **Run as administrator**.
+2. Run the following commands in the command prompt:
+
+  ```
+  reg add HKLM\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13 /v TlsVersion /t REG_DWORD /d 0xfc0
+  reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp" /v DefaultSecureProtocols /t REG_DWORD /d 0xaa0
+  if %PROCESSOR_ARCHITECTURE% EQU AMD64 reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp" /v DefaultSecureProtocols /t REG_DWORD /d 0xaa0
+  ```
+
+3. Install the following updates:
+  
+  * [KB3140245](https://www.catalog.update.microsoft.com/search.aspx?q=kb3140245)
+  * [KB2977292](https://www.microsoft.com/en-us/download/details.aspx?id=44342)
+
+4. Reboot the computer.
+5. Connect to the VPN.
diff --git a/includes/vpn-gateway-tls-updates.md b/includes/vpn-gateway-tls-updates.md
@@ -5,19 +5,21 @@
  author: cherylmc
  ms.service: vpn-gateway
  ms.topic: include
- ms.date: 06/05/2018
+ ms.date: 07/30/2018
  ms.author: cherylmc
  ms.custom: include file
 ---
-Starting July 1, 2018, support is being removed for TLS 1.0 and 1.1 from Azure VPN Gateway. VPN Gateway will support only TLS 1.2. To maintain TLS support and connectivity for your Windows 7 and Windows 8 point-to-site clients that use TLS, we recommend that you install the following updates:
+>[!NOTE]
+>Starting July 1, 2018, support is being removed for TLS 1.0 and 1.1 from Azure VPN Gateway. VPN 
+>Gateway will support only TLS 1.2. To maintain support, see the [updates to enable support for TLS1.2](#tls1).
 
-•	[Update for Microsoft EAP implementation that enables the use of TLS](https://support.microsoft.com/help/2977292/microsoft-security-advisory-update-for-microsoft-eap-implementation-th)
-
-•	[Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP](https://support.microsoft.com/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in)
-
-The following legacy algorithms will also be deprecated for TLS on July 1, 2018:
+Additionally, the following legacy algorithms will also be deprecated for TLS on July 1, 2018:
 
 * RC4 (Rivest Cipher 4)
 * DES (Data Encryption Algorithm)
 * 3DES (Triple Data Encryption Algorithm)
 * MD5 (Message Digest 5)
+
+### <a name="tls1"></a>How do I enable support for TLS 1.2 in Windows 7 and Windows 8.1?
+
+[!INCLUDE [tls 1.2](vpn-gateway-tls-include.md)]

Original file line number	Diff line number	Diff line change
`@@ -43,4 +43,4 @@ When using Azure for certificate authentication, the Azure VPN gateway performs`
`43`	`43`
`44`	`44`	`### Does RADIUS authentication work with both IKEv2, and SSTP VPN?`
`45`	`45`
`46`		`-Yes, RADIUS authentication is supported for both IKEv2, and SSTP VPN.`
	`46`	`+Yes, RADIUS authentication is supported for both IKEv2, and SSTP VPN.`