NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Glorfindel's avatar
Glorfindel
Tutor
Apr 17, 2019
Solved

OpenVPN MD5 issue again - r6400v2

Hello,

 

I've just bought R6400v2 and setup the VPN server. I am using the Android OpenVPN client to access my internal network and I have just realised that TLS certificates are still signed with MD5 (vulnerable since 2004), despite the issue has been reported here on February 2018 by ilkeraktuna. I'm really surprised that this important security issue is still unsolved and the thread is now closed.

 

The release notes of the new firmware (1.0.3.66) vaguely indicate that this version “Fixes some minor bugs.” but I found nowhere a list of what has actually been fixed. So two questions:

 

a) What is the status of the MD5 issue on R6400v2 ?
b) What are the minor security fixes 1.0.3.66 fixes?

 

Thanks.

  • DexterJB's avatar
    DexterJB
    Apr 18, 2019

    Hi Glorfindel,

     

    The R6400v2 is among the models that have been updated to switch to the SHA256 certificate as indicated here.

     

    Dexter

1 Reply

  • DexterJB's avatar
    DexterJB
    NETGEAR Moderator
    Apr 18, 2019

    Hi Glorfindel,

     

    The R6400v2 is among the models that have been updated to switch to the SHA256 certificate as indicated here.

     

    Dexter