On 5 May 2016 3:24 p.m., "Shubham Chauhan" <shubham13...@iiitd.ac.in> wrote: > So, what I get from this is that OpenVPN will do a ssl/tls handshake irrespective of the --cipher none option, because this configuration will only be used in the data channel. Is this right?
Yes. > Also, will using --cipher none get me a faster VPN connection? > I hope so because we are removing encryption - decryption operations which use a lot of time and CPU (keeping security issues aside for a minute here) Most of the time, yes. Unless the speed is limited by the network, rather than your cup, of course. > My original question was actually based on the Wireshark traces I saw. I was expecting no ssl/tls handshake when I had set --cipher none. Is there a config/alternate way which would lead me to show literally no handshake at all (just curious). Yes, there is. But only for one-to-one connections, not for one-to-many (which is the traditional one see many clients). See the static-home.conf and static-office.conf example configs. -Steffan
