HI, On Fri, Jul 24, 2020 at 11:20:24PM +0200, Marc SCHAEFER wrote: > Jul 24 23:04:45 virtual ovpn-multiple[6235]: client05/some-fixed-IP:4998 > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key > Jul 24 23:04:45 virtual ovpn-multiple[6235]: client05/some-fixed-IP:4998 > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key > Jul 24 23:05:45 virtual ovpn-multiple[6235]: client05/some-fixed-IP:4998 > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key > Jul 24 23:05:45 virtual ovpn-multiple[6235]: client05/some-fixed-IP:4998 > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
This is definitely not right.
Not sure what the default value for AES is (for BF-CBC it's 60 minutes),
but it should be in the "many hours" range.
Check your config for "reneg-bytes", "reneg-pkts" and "reneg-sec" settings
that are non-default.
(If this is not fruitful, try re-running with "verb 4" and see if there
is more insight)
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
