[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Disable TLS 1.0 and less secure Cipher Suites
Author Message
esachs4 Offline
Junior Member
**

Posts: 1
Joined: Oct 2019
Reputation: 0
Post: #1
Disable TLS 1.0 and less secure Cipher Suites
A client of ours recently had a penetration test done and they found multiple vulnerabilities on the phone system.

I was wondering if there was a way to force TLS 1.1 and 1.2 and disable less secure cipher suites.

Please see attached                
10-06-2019 01:26 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
complex1 Offline
3CX Adv. Cert. Engineer
*****

Posts: 1,240
Joined: Jan 2014
Reputation: 36
Post: #2
RE: Disable TLS 1.0 and less secure Cipher Suites
(10-06-2019 01:26 PM)esachs4 Wrote:  A client of ours recently had a penetration test done and they found multiple vulnerabilities on the phone system.

I was wondering if there was a way to force TLS 1.1 and 1.2 and disable less secure cipher suites.

Please see attached

Hi,

It depend which firmware version the devices are running...
In firmware update x.81.0.70 is added two new supported TLS versions: TLS 1.1 and TLS 1.2
You can configure the TLS version the IP phone uses to negotiate with the provisioning server when using TLS transport method to download the boot file and configuration files from the provisioning server.

The parameter in the auto provision template is as follows: security.default_ssl_method =

It configure the TLS version the IP phone uses to negotiate with the provisioning server when using TLS transport method to download the boot file and configuration files from the provisioning server.
0-use TLS 1.0 to negotiate with the provisioning server.
3-use TLS 1.2 to negotiate with the provisioning server, and it is backward compatible. (Default)
4-use TLS 1.1 to negotiate with the provisioning server.
5-use TLS 1.2 to negotiate with the provisioning server.

Hope this will help.

Kind regards,
Frank.

I am not an employee of Yealink.
Dutch is my native language, not English. Apologies for my imperfect grammar.
Please do not send unsolicited PM messages. I will not answer them.
10-07-2019 10:38 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Disable Call Rejection nicknomo 6 16,414 01-28-2022 03:51 PM
Last Post: K4n4lj3
Information Manage SIP accounts enable / disable with EDK macros jsubirana 9 6,605 01-27-2022 10:13 PM
Last Post: wwg
  Disable Speakerphone key? lruiz@connexum.com 4 11,081 12-11-2019 03:55 PM
Last Post: Yisroel_MongoTEL
  Blacklist disable dbusacca 4 10,590 07-04-2018 02:21 PM
Last Post: stan0ne
  Yealink secure certificates and disabling ciphers Scot E. 1 5,784 12-29-2017 03:40 AM
Last Post: Lucia_Yealink
  Disable full-screen display on T48S when other extensions are being called TStaudte 0 4,107 07-21-2017 05:08 AM
Last Post: TStaudte
  Disable Basic Settings MichaelY 1 7,164 05-07-2016 06:25 AM
Last Post: Karl_Yealink
  Disable call forwarding feature. TruckingExp 3 9,646 08-14-2015 04:19 AM
Last Post: Karl_Yealink
  Secure Yealink - stability? blind_oracle 5 9,910 06-10-2015 04:14 AM
Last Post: Flora_Yealink
  T2XXP - Disable Button jason.luka 1 5,623 08-14-2014 05:33 PM
Last Post: Yealink Support

Forum Jump:


User(s) browsing this thread:

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication