NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Guardian2100's avatar
Guardian2100
Guide
Jan 06, 2016

Add the SHA256 Hash algorithm to VPN Firewall FVS336Gv3

Hi,

 

I just got a certificate which the hash algorithm is SHA256.

 

But my vpn firewall only allows SHA1.

 

Can you please fix this?

 

Thank you very much.

 

Best regards 

algorithm
hash
ipsec
SHA-2
SMB Router
ssl

14 Comments

  • JohnRo's avatar
    JohnRo
    NETGEAR Employee Retired
    Jan 06, 2016

    Hello Guardian2100, 

     

    Welcome to the community! 

     

    Thank you for posting your request on the Idea Exchange Board. We'll take a look at your request, also please click on the UP arrow (Kudos Icon). The more kudo the post gets from other users the more it will likely be implemented first. 

     

    Thanks, 

  • JohnRo's avatar
    JohnRo
    NETGEAR Employee Retired
    Jan 15, 2016

    Hello Guardian2100, 

     

    Sorry, I didn't notice that it also does not work on Idea Exchange as well. Anyway, I gave you a kudos on this one. 

     

    Thanks, 

  • abrightidea's avatar
    abrightidea
    Tutor
    Feb 22, 2017

    How in the word doesn't netgear support SHA-2 by now?

    SHA-1 has been killed January 2017. Everyone else has been migrating for months.

    Netgear is last to the party... frustrating.

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Feb 22, 2017

    abrightidea,

     

    I assure you that our development team routinely reviews posts here in the Idea Exchange for Business board to assess which features the community would like to see implemented. While I do not have any information on this particular topic at this time, we greatly appreciate the communities contribution and will keep the status of this idea updated as we get new information on its potential implementation.

     

    I encourage you to continue offering valuable feedback and continue to support good ideas by giving Kudos.

     

    Regards,

     

    DaneA

    NETGEAR Community Team

  • abrightidea's avatar
    abrightidea
    Tutor
    Feb 22, 2017

    DaneA let's reframe this... SHA-2 isn't a suggestion... it's a *worldwide requirement*

    Netgear needs to get on the horse here. Way behind. We're already searching for alternatives. Not that we want to, but we have to.

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Feb 23, 2017

    abrightidea,

     

    I believe our development team is already aware of this.  

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

  • train_wreck's avatar
    train_wreck
    Luminary
    Feb 26, 2017

    Just throwing this out here folks.....

     

    SHA-1 has been officially broken. Not just "proof of concept", but out in the wild; Github just suffered a major data corruption issue due to SHA-1's weaknessess.

     

    https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/

    https://arstechnica.com/security/2017/02/watershed-sha1-collision-just-broke-the-webkit-repository-others-may-follow/

     

    NETGEAR, you NEED to FIX THIS! Your VPN doesn't even support SHA-256 as the transport hash algorithm, much less for certificates. This is VERY UNSAFE!

     

    ALL CERTIFICATE AUTHORITIES ARE NO LONER ISSUING SHA-1 CERTS!!!

  • Biz1's avatar
    Biz1
    Observer
    Jun 08, 2017

    I realize that adding support for SAH-256 in the firmware, is a big hit on the CPU, and I am willing to accept a lesser concurrent VPN sessions when I choose this level of encryption. NETGEAR needs to add higher encryption levels as soon as possible. How hard is it to get a dateline on when it will be released!

     

    Regard,

    Biz.