+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: Phone specific topic (/forumdisplay.php?fid=12)
+--- Thread: Yealink T53-w and OpenVPN (/showthread.php?tid=47252)
Yealink T53-w and OpenVPN - jkalber - 01-11-2024 12:34 AM
Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
RE: Yealink T53-w and OpenVPN - complex1 - 01-11-2024 04:39 AM
(01-11-2024 12:34 AM)jkalber Wrote: Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
Hi,
Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.
RE: Yealink T53-w and OpenVPN - jkalber - 01-11-2024 09:17 PM
(01-11-2024 04:39 AM)complex1 Wrote:(01-11-2024 12:34 AM)jkalber Wrote: Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
Hi,
Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.
I'm referring Auth digest algorithm. I found some documentation on Yealink's site and noticed it says IP Phones support MD5 and SHA1 signature algorithms.
https://support.yealink.com/en/portal/knowledge/show?id=64995b636a27da76bd07181e
RE: Yealink T53-w and OpenVPN - complex1 - 01-11-2024 11:19 PM
(01-11-2024 09:17 PM)jkalber Wrote:(01-11-2024 04:39 AM)complex1 Wrote:(01-11-2024 12:34 AM)jkalber Wrote: Hello, we currently are using Yealink SIP-T53w phones. These phones report to our on-prem FreePBX phone system. A few of the phones are remote phones that we have an OpenVPN certificate applied to. The VPN certificates we're using are RSA-SHA1 which is a weak digest/algorithm and no longer supported on our firewalls. Since upgrading the firewalls and creating new certificates for SHA-256, the phones no longer work. Are these phones only compatible with RSA-SHA1?
Hi,
Please correct me if I'm wrong, but as far as I know, the phone supports AES 256 and not SHA 256.
I'm referring Auth digest algorithm. I found some documentation on Yealink's site and noticed it says IP Phones support MD5 and SHA1 signature algorithms.
https://support.yealink.com/en/portal/knowledge/show?id=64995b636a27da76bd07181e
Submit a ticket to the Yealink support team?
https://ticket.yealink.com/