On Tue, 22 Feb 2022 00:32:46 +0100, Bo Berglund <bo.bergl...@gmail.com> wrote:

>On Mon, 21 Feb 2022 13:05:17 +0000, André via Openvpn-users
><openvpn-users@lists.sourceforge.net> wrote:
>
>>Hi,
>>
>>According to
>>"RMerlin Asuswrt-Merlin dev" the Asus RT-AC-86U can "hit 200 Mbps of OpenVPN 
>>throughput".
>>
>>"LouisvilleUK" states "I'm getting full 200 down throughput with 
>>PrivateTunnel VPN using AES-128-GCM on the RT-AC86U".
>>
>>
>>https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-2
>>
>I am running OpenVPN 2.4.7 on the server, what ASUS RT-AC68U or RT-AC86U are
>running I don't know...
>
>So can I set the following in the server side ccd config for the ASUSrouter
>client and then the router's OpenVPN client will adhere to the setting?
>
>#Set different cipher for the ASUS router client
>cipher AES-128-GCM
>push "cipher AES-128-GCM"
>
>The full ccd file looks like this in that case:
>
>iroute 192.168.117.0 255.255.255.0
>#Disable compression and push it to the client
>comp-lzo no
>push "comp-lzo no"
>#Set different cipher for the ASUS router client
>cipher AES-128-GCM
>push "cipher AES-128-GCM"
>
>Will this also work on the older RT-AC68U router?
>I.e. should I wait until I have replaced the router on the remote LAN?
>
>Right now the cipher line in the main server.conf and client ovpn files looks
>like this:
>cipher AES-256-CBC
>
>Is this the culprit, being 256 rather than 128???
>
>I do not know what is the difference between GCM and CBC...

Forgot to ask:
Can I in some way from the OpenVPN server command a reconnect from the client so
it starts using the new cipher?

If I restart the openvpn service dealing with the client will that force a
renewed connection from the client (I have several services running
concurrently)?


-- 
Bo Berglund
Developer in Sweden



_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to