https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713915#M490318 By unchecking tls 1.0 &amp; 1.1 it will only use 1.2, please see the note in the admin ui<BR /> Thu, 27 Sep 2018 03:42:44 GMT Jason Kunst 2018-09-27T03:42:44Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713309#M490315 <P>Hello Team,</P> <P>&nbsp;</P> <P>We would like to know if Cisco ISE 2.4&nbsp;can support tls 1.2?. if NOT, any documents?</P> Wed, 26 Sep 2018 08:24:44 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713309#M490315 ccg-security 2018-09-26T08:24:44Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713383#M490316 Please check the release notes<BR /><BR /><BR /><A href="https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/release_notes/b_ise_24_rn.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/release_notes/b_ise_24_rn.html</A><BR /> Wed, 26 Sep 2018 10:25:45 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713383#M490316 Jason Kunst 2018-09-26T10:25:45Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713912#M490317 <P>Based on the link that you provided is for ISE to be the client only, however we need to disable the tls 1.0 and 1.1 for ISE to be the host. If we uncheck the tls 1.0 and 1.1, it will automatically use 1.2?</P> Thu, 27 Sep 2018 03:33:13 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713912#M490317 ccg-security 2018-09-27T03:33:13Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713915#M490318 By unchecking tls 1.0 &amp; 1.1 it will only use 1.2, please see the note in the admin ui<BR /> Thu, 27 Sep 2018 03:42:44 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713915#M490318 Jason Kunst 2018-09-27T03:42:44Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713935#M490319 Hi based on the documents that the ISE acts a client not on server. We are pointing to the ISE Server itself.<BR /><BR />What is New in Cisco ISE, Release 2.4<BR />The Default TLS Version when initiating External Connections through Proxy is TLS 1.2<BR />When the Cisco ISE acts as a client, the default protocol used for the connections initiated from it to the external entities is TLS 1.2 In this case the supported protocol will be TLS 1.2 only. In case you want to provide support for lower versions as well (which might be insecure), these versions need to be explicitly enabled from the Cisco ISE by going to the following page: Administration &gt; System &gt; Settings &gt; Security Settings. Thu, 27 Sep 2018 04:56:35 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3713935#M490319 ccg-security 2018-09-27T04:56:35Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3714258#M490320 <P>We also tried to access on the ISE 2.4 version, however it seems that TLS 1.2 can’t be allowed on the Security settings .&nbsp;With all the above mentioned, If TLS 1.2 is confirmed supported on the ISE 2.4 and with ISE as a host, can we allow TLS 1.2 alone on it?</P> Thu, 27 Sep 2018 12:55:58 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3714258#M490320 ccg-security 2018-09-27T12:55:58Z https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3714272#M490321 Turning off 1.0 and 1.1 forces 1.2 for all communications using TLS <BR /> Thu, 27 Sep 2018 13:07:41 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-2-4-tls-1-2/m-p/3714272#M490321 Jason Kunst 2018-09-27T13:07:41Z