× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Announcements

Polls
What is your Experience with NETGEAR Insight cloud management?
Top Contributors

Add the SHA256 Hash algorithm to VPN Firewall FVS336Gv3

Hi,

 

I just got a certificate which the hash algorithm is SHA256.

 

But my vpn firewall only allows SHA1.

 

Can you please fix this?

 

Thank you very much.

 

Best regards 

14 Comments
JohnRo
NETGEAR Employee Retired

Hello Guardian2100, 

 

Welcome to the community! 

 

Thank you for posting your request on the Idea Exchange Board. We'll take a look at your request, also please click on the UP arrow (Kudos Icon). The more kudo the post gets from other users the more it will likely be implemented first. 

 

Thanks, 

Guardian2100
Guide

Unfortunately i can't click on the UP arrow which is logical.

JohnRo
NETGEAR Employee Retired

Hello Guardian2100, 

 

Sorry, I didn't notice that it also does not work on Idea Exchange as well. Anyway, I gave you a kudos on this one. 

 

Thanks, 

abrightidea
Tutor

How in the word doesn't netgear support SHA-2 by now?

SHA-1 has been killed January 2017. Everyone else has been migrating for months.

Netgear is last to the party... frustrating.

DaneA
NETGEAR Employee Retired

@abrightidea,

 

I assure you that our development team routinely reviews posts here in the Idea Exchange for Business board to assess which features the community would like to see implemented. While I do not have any information on this particular topic at this time, we greatly appreciate the communities contribution and will keep the status of this idea updated as we get new information on its potential implementation.

 

I encourage you to continue offering valuable feedback and continue to support good ideas by giving Kudos.

 

Regards,

 

DaneA

NETGEAR Community Team

abrightidea
Tutor

@DaneA let's reframe this... SHA-2 isn't a suggestion... it's a *worldwide requirement*

Netgear needs to get on the horse here. Way behind. We're already searching for alternatives. Not that we want to, but we have to.

DaneA
NETGEAR Employee Retired

@abrightidea,

 

I believe our development team is already aware of this.  

 

 

Regards,

 

DaneA

NETGEAR Community Team

train_wreck
Luminary

Just throwing this out here folks.....

 

SHA-1 has been officially broken. Not just "proof of concept", but out in the wild; Github just suffered a major data corruption issue due to SHA-1's weaknessess.

 

https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-d...

https://arstechnica.com/security/2017/02/watershed-sha1-collision-just-broke-the-webkit-repository-o...

 

NETGEAR, you NEED to FIX THIS! Your VPN doesn't even support SHA-256 as the transport hash algorithm, much less for certificates. This is VERY UNSAFE!

 

ALL CERTIFICATE AUTHORITIES ARE NO LONER ISSUING SHA-1 CERTS!!!

Biz1
Observer

I realize that adding support for SAH-256 in the firmware, is a big hit on the CPU, and I am willing to accept a lesser concurrent VPN sessions when I choose this level of encryption. NETGEAR needs to add higher encryption levels as soon as possible. How hard is it to get a dateline on when it will be released!

 

Regard,

Biz.

abrightidea
Tutor

I hope Negear can provide ETA for this necessary enhancement.