Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
(01-11-2024 12:34 AM)jkalber Wrote: [ -> ]Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
Hi,
Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.
(01-11-2024 04:39 AM)complex1 Wrote: [ -> ] (01-11-2024 12:34 AM)jkalber Wrote: [ -> ]Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
Hi,
Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.
I'm referring Auth digest algorithm. I found some documentation on Yealink's site and noticed it says IP Phones support MD5 and SHA1 signature algorithms.
https://support.yealink.com/en/portal/kn...76bd07181e
(01-11-2024 09:17 PM)jkalber Wrote: [ -> ] (01-11-2024 04:39 AM)complex1 Wrote: [ -> ] (01-11-2024 12:34 AM)jkalber Wrote: [ -> ]Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
Hi,
Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.
I'm referring Auth digest algorithm. I found some documentation on Yealink's site and noticed it says IP Phones support MD5 and SHA1 signature algorithms.
https://support.yealink.com/en/portal/kn...76bd07181e
Submit a ticket to the Yealink support team?
https://ticket.yealink.com/