We’ve been doing internal vulnerability scans with Qualys and our (3) Pepwave AP One Enterprise access points, running Firmware 3.6.3 build 1952 are coming back with findings indicating that TLS 1.0 and TLS 1.1 are enabled.
Our support partner insists TLS 1.0 and 1.1 are enabled on our Windows Active Domain controllers since we are using certificate-based authentication of domain-joined laptops to authenticate to the access points for Wi-Fi access.
I’m 200% certain that TLS 1.0 and 1.1 are disabled on our domain controllers and this pertains to the https management interface. InControl presents the firmware we’re on as the latest version.
It looks I’m going to be able to mitigate this issue by limiting access to the https management interface, but that doesn’t eliminate the vulnerabilities. Any advise would be greatly appreciated.
Thank you,
John