Yealink Forums

Yealink Forums > IP Phone Series > Phone specific topic > Yealink T53-w and OpenVPN
Full Version: Yealink T53-w and OpenVPN
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

jkalber

01-11-2024, 12:34 AM
Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?

complex1

01-11-2024, 04:39 AM
(01-11-2024 12:34 AM)jkalber Wrote: [ -> ]Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?

Hi,

Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.

jkalber

01-11-2024, 09:17 PM
(01-11-2024 04:39 AM)complex1 Wrote: [ -> ]
(01-11-2024 12:34 AM)jkalber Wrote: [ -> ]Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?

Hi,

Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.

I'm referring Auth digest algorithm. I found some documentation on Yealink's site and noticed it says IP Phones support MD5 and SHA1 signature algorithms.

https://support.yealink.com/en/portal/kn...76bd07181e

complex1

01-11-2024, 11:19 PM
(01-11-2024 09:17 PM)jkalber Wrote: [ -> ]
(01-11-2024 04:39 AM)complex1 Wrote: [ -> ]
(01-11-2024 12:34 AM)jkalber Wrote: [ -> ]Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?

Hi,

Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.

I'm referring Auth digest algorithm. I found some documentation on Yealink's site and noticed it says IP Phones support MD5 and SHA1 signature algorithms.

https://support.yealink.com/en/portal/kn...76bd07181e

Submit a ticket to the Yealink support team?
https://ticket.yealink.com/
Yealink Forums > IP Phone Series > Phone specific topic > Yealink T53-w and OpenVPN
Reference URL's