[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020

Yealink Forums » IP Phone Series » Configuration » Disable TLS 1.0 and less secure Cipher Suites

Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Disable TLS 1.0 and less secure Cipher Suites
Author Message
esachs4 Offline
Junior Member
**

Posts: 1
Joined: Oct 2019
Reputation: 0
Post: #1
Disable TLS 1.0 and less secure Cipher Suites
A client of ours recently had a penetration test done and they found multiple vulnerabilities on the phone system.

I was wondering if there was a way to force TLS 1.1 and 1.2 and disable less secure cipher suites.

Please see attached                
10-06-2019 01:26 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
complex1 Offline
3CX Adv. Cert. Engineer
*****

Posts: 1,522
Joined: Jan 2014
Reputation: 44
Post: #2
RE: Disable TLS 1.0 and less secure Cipher Suites
(10-06-2019 01:26 PM)esachs4 Wrote:  A client of ours recently had a penetration test done and they found multiple vulnerabilities on the phone system.

I was wondering if there was a way to force TLS 1.1 and 1.2 and disable less secure cipher suites.

Please see attached

Hi,

It depend which firmware version the devices are running...
In firmware update x.81.0.70 is added two new supported TLS versions: TLS 1.1 and TLS 1.2
You can configure the TLS version the IP phone uses to negotiate with the provisioning server when using TLS transport method to download the boot file and configuration files from the provisioning server.

The parameter in the auto provision template is as follows: security.default_ssl_method =

It configure the TLS version the IP phone uses to negotiate with the provisioning server when using TLS transport method to download the boot file and configuration files from the provisioning server.
0-use TLS 1.0 to negotiate with the provisioning server.
3-use TLS 1.2 to negotiate with the provisioning server, and it is backward compatible. (Default)
4-use TLS 1.1 to negotiate with the provisioning server.
5-use TLS 1.2 to negotiate with the provisioning server.

Hope this will help.
Kind regards,
Frank.

I am not an employee of Yealink.
Dutch is my native language, not English. Apologies for my imperfect grammar.
Please do not send unsolicited PM messages. I will not answer them.
10-07-2019 10:38 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Disable or override transfer soft button rbohac 1 2,707 07-11-2022 10:26 PM
Last Post: rbohac
Exclamation How to disable VP59 Hotspot feature vía autoprovision? jcvh 0 1,478 07-09-2022 04:17 AM
Last Post: jcvh
  Disable web browser on VP59 cranben 4 6,003 06-24-2022 06:04 AM
Last Post: cranben
  Disable Call Rejection nicknomo 6 23,317 01-28-2022 03:51 PM
Last Post: K4n4lj3
Information Manage SIP accounts enable / disable with EDK macros jsubirana 9 14,957 01-27-2022 10:13 PM
Last Post: wwg
  Disable Speakerphone key? lruiz@connexum.com 4 15,530 12-11-2019 03:55 PM
Last Post: Yisroel_MongoTEL
  Blacklist disable dbusacca 4 14,244 07-04-2018 02:21 PM
Last Post: stan0ne
  Yealink secure certificates and disabling ciphers Scot E. 1 8,314 12-29-2017 03:40 AM
Last Post: Lucia_Yealink
  Disable full-screen display on T48S when other extensions are being called TStaudte 0 5,875 07-21-2017 05:08 AM
Last Post: TStaudte
  Disable Basic Settings MichaelY 1 9,580 05-07-2016 06:25 AM
Last Post: Karl_Yealink

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication