PCI compliance failing due to use of TLS v1.0


#21

Hi there. I am in the process of attaining approval to use the PepWave 700 Max within my organization and require documented evidence that this device incorporated TLS 1.2. The only resource I can find is Release notes for Firmware 6.3.2, 6.3 Beta and 6.2, with none mentioning the TLS 1.2 update. The device’s user manual also does not include any reference and states it is for V6.1.2.
Any chance you can provide a link to a document that outlines incorporations of TLS 1.2 in the PepWave 700 Max device? and not a forum link as this won’t cut the mustard regarding the approval process. Thanks in advance.


#22

Hi,

You can refer to the latest release note for firmware 6.3.2. It had been updated.

Thank You


#23

Thanks mate thats what I was after.


#24

Hi Team, is there anything in the works for Peplink becoming 3.2 PCI Compliant? If so, can you by chance provide a letter of compliance for that?

Thank you in advance,
Jon Grote


#26

We have the same issue here with our Balance One on firmware 7.0.2 build 3155 but when I check the port 32015 over TLS1.0 it shows that it is working. it is also working with TLS1.1 and 2 so I’m wondering how can I prevent the device respond back on TLS1.0 as this is causing us not being able to be PCI Compliant!!!

Please help


#27

I can’t speak for Peplink but it is standard operating procedure for secure websites to support TLS 1.0 and 1.1 and 1.2. I don’t think it should be this way, but it is. 99.9% of secure websites work this way. Just look at sites using the Qualys SSL server test.


#28

Do you change the PepVPN Backward Compatibility settings to “Restricted (firmware 6.2+)” ?


#29

unfortunately I don’t have that option on my GUI.
is there any way to turn that option on?


#30

The option is available here. Please check the attached screenshot.

image


#31

Here is a snapshot of my console

I don’t see that option. I also checked InControl console but nothing’s there too.


#32

Below the PepVPN Local ID section on that page you’ll see a section titled PepVPN Settings. Click the blue ? mark in the title bar and then the link as per the screenshot above and the Backward compatibility row will appear.


#33

I removed the current VPN profile and PepVPN settings just showed up.
so if anyone is having same issue they need delete active profile in order to be able to change those settings