diff --git a/website/content/docs/release-notes/v0_18_0.mdx b/website/content/docs/release-notes/v0_18_0.mdx
index 4c1735ce57..8b4d0c5de3 100644
--- a/website/content/docs/release-notes/v0_18_0.mdx
+++ b/website/content/docs/release-notes/v0_18_0.mdx
@@ -41,6 +41,18 @@ description: >-
Learn more: Known issues and breaking changes
+
+
+ |
+ Go version 1.23 TLS handshake behavior changes
+ |
+
+ Boundary version 0.18.x uses Go version 1.23, which introduced a new TLS handshake behavior. Some VPN providers struggle with the TLS handshake being sent over 2 frames instead of 1, which can lead to Boundary version 0.18.x controllers, workers, or clients being unable to establish connections. As a workaround, you can revert back to the previous TLS handshake behavior.
+
+ Learn more: Known issues and breaking changes
+ |
+
+
@@ -228,5 +240,24 @@ description: >-
+
+ |
+ 0.18.x
+ |
+
+ Boundary version 0.18.x CLI is unable to establish connections using the boundary connect command
+ |
+
+ Boundary version 0.18.x uses Go version 1.23, which introduced a new TLS handshake behavior. Some VPN providers struggle with the TLS handshake being sent over 2 frames instead of 1, which can lead to Boundary version 0.18.x controllers, workers, or clients being unable to establish connections. As a workaround, you can revert back to the previous TLS handshake behavior.
+
+ To revert back to the previous TLS handshake behavior, add the tlskyber=0 parameters to the GODEBUG environment variable before the boundary connect command. For example:
+
+ GODEBUG=tlskyber=0 boundary connect ssh -target-id <ID>
+
+ Learn more: Go issue #70047 and Go 1.23 Release Notes
+
+ |
+
+
\ No newline at end of file