I have two fully patched Server 2008 R2 VMs that have been running fine for years. It's (way past) time to disable TLS 1, so I've a GPO set to disable this in SCHANNEL for client and server, and add the reg keys under .net 2 and 4 as well as winhttp. These keys are as below
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
"DefaultSecureProtocols"=dword:00000a00
After the second reboot, so these policies are fully effective, the server's single vmxnet3 will sit spinning for a bit in the taskbar then finally go to a red cross "disconnected" symbol, as if the cable was unplugged. Network and Connection Centre won't load. RDP is also not functioning to the hostname but will to the IP.
Host is v6.7, VM hardware V7. Latest VM Tools 10338. Exchange 2010 CAS/Hub roles on servers.
Any ideas?