On 2018-06-15 05:29 PM, Alex K wrote: > Hi all, > > I have a server/client setup where I have set the following directive at > server and client: > > cipher AES-128-CBC > > When establishing VPN at client logs I see: > > Fri Jun 15 17:25:22 2018 Data Channel Encrypt: *Cipher 'AES-256-GCM' > *initialized > with 256 bit key > Fri Jun 15 17:25:22 2018 Data Channel Decrypt: Cipher 'AES-256-GCM' > initialized with 256 bit key > Fri Jun 15 17:25:22 2018 ROUTE_GATEWAY 192.168.29.1/255.255.255.0 > IFACE=enp3s0 HWADDR=00:30:18:02:f0:e4 > Fri Jun 15 17:25:22 2018 TUN/TAP device tun1 opened > Fri Jun 15 17:25:22 2018 TUN/TAP TX queue length set to 100 > Fri Jun 15 17:25:22 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 > Fri Jun 15 17:25:22 2018 /sbin/ip link set dev tun1 up mtu 1500 > Fri Jun 15 17:25:22 2018 /sbin/ip addr add dev tun1 169.251.0.2/16 > broadcast 169.251.255.255 > Fri Jun 15 17:25:22 2018 /usr/bin/vpn_up_down tun1 1500 1556 169.251.0.2 > 255.255.0.0 init > Fri Jun 15 17:25:22 2018 /sbin/ip route add 10.16.16.0/24 via 192.168.29.1 > Fri Jun 15 17:25:22 2018 Initialization Sequence Completed > > The log indicates that Cipher AES-256-GCM is used. Am i missing sth? Is > this expected?
Yes, cipher negotiation is a new feature of the 2.4 branch. You can get more information about it by searching for "ncp-ciphers" in https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage Regards, Simon ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users