Hi, this is an odd one that i am only reporting as it feels like something may have been over looked.
1. Start off running win10 server openvpn git-master 20160818 with --cipher AES-256-CBC defined Linux client running git:master/d1bd37fd508ee046 with --cipher AES-256-CBC defined Client connects ok --cipher is negotiated up to AES-256-*GCM* ie: Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key No problem. === 2.a Now leave the client running and stop the server Uninstall openvpn on the server and then install 2.3.12-i601_x86-64 Restart the server. Now server cannot negotiate --cipher and is set at AES-256-CBC Connecting linux client cannot renegotiate --cipher and is set at AES-256-GCM On --ping-restart --cipher is not reset and so the client can no longer connect. Problem. === 2.b At the same time a winXP client is running openvpn 2.3.12-i001_i686 with --cipher AES-256-CBC defined When this connects to the git:master server AES-256-CBC is honoured as the client cannot negotiate When the server is changed to 2.3.12 the winXP client *can* reconnect No problem === I hazard a guess that --client --ping-restart does not reset --cipher. but I do not know if that is intended .. Regards ------------------------------------------------------------------------------ _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
