Dear @shberge,

shberge wrote

how to configure SHA2 encryption on ER605 v2 , and ER605 v1?

next firmware have come on ER605 v1 but I don't find SHA2 on it either.

Omada Controller v5.4 will add SHA2 encryption. At present, SHA2 encryption is supported on ER605 V2 in Standalone mode.

The ER605 V1 1.2.1 firmware doesn't add SHA2 encryption, it will be supported in the subsequent firmware update, please check the final firmware release note for confirmation.

Dear @shberge,

shberge wrote

i try sha2 here but it doesn't seem to work, vpn connects only with sha1, i can configure sha1 on one site and sha2 on another site it still works connect both sites with sha1,
controller is 5.4.6 on ubuntu firmware on ER605v2 is 2.0.2 Build 20220727 Rel.51535, but I have tried several versions on the router, none of them work with sha2

Did you try SHA2 with two ER605 v2, Or one ER605 v1 + one ER605 v2?

Kind note that Omada Controller v5.4 has added the support of the SHA2 configuration, but it requires upgrading the ER605 to the adapted firmware to make SHA2 take effect. The current latest ER605 v1 firmware (1.2.1) doesn't support SHA2 yet.

Dear @shberge,

shberge wrote

there are two ER605v2

but the stratrange thing is if I use SHA2 in one site and SHA1 in another site vpn still work. 

Thanks for confirming the information.

The issue has been reported to the support engineer for further investigation. Any update, will keep you informed.

Dear @shberge,

Sorry that I forgot to update this case. The issue has been addressed, it's due to that the current ER605 V2 2.0.1 firmware is still adapted to Controller 4.3.5, so SHA2 configuration on the Controller v5.4 doesn't take effect. The subsequent firmware update of the ER605 v2 will be adapted to the Controller v5.4.