One or more of the selected Data Encryption Algorithms is not valid

alanvpn

We had to stop our server and our pfsense due to a power outage.
When we restarted them, we could not login to OpenVPN anymore.

fa2966d7-66bf-4166-af61-4423ade2feed-Capture d'écran 2024-05-30 131511.png

In pfsense, I get an error message: "One or more of the selected Data Encryption Algorithms is not valid"
67d858d0-f0c6-4bcb-9fc3-cb8c5790b203-Capture d'écran 2024-05-30 163600.png

How is it possible to fix the problem? I have the 2.7.0 version of pfsense and the 2.6.10-I003 version of OpenVPN.
Thanks for your help

Gertjan

@alanvpn

The fastest way out :
Your using (dealing with) security sensitive stuff : OpenVPN.
Yet, you're way behind with your versions.
( you don't want to deal with an old version of the server and a recent openvpn client, or the other way around )

Read this one first : [https://forum.netgate.com/category/34/openvpn](link url) : the very first pinned post.

Step 1 : don't keep ancient OpenVPN stuff0. pfSense 2.7.0 isn't the latest version, get 2.7.2. This will contain a more recent version of pfSense.

Make your OpenVPN server settings look like this :

Also upgrade your OpenVPN client ( ! ).

Now, from pfSense, re export the OpenVPN client settings to your device.
Enjoy.

alanvpn

@Gertjan

Thanks for your answer.

The thing is that I don't have any option available in "Data Encrytption Algorithms" , "Fallback Data Encyption Algorithm" & "Auth digest algorithm". My 3 errors message certainly are for my 3 algorithms as in the picture below. Don't get why they are not valid anymore while it was ok before...

e0dd435a-3bc1-47b6-8ac5-8d15d49d6b97-Capture d'écran 2024-05-31 100846.png

alanvpn

Was not showing the newer version
Just upgraded to v 2.7.2 via cmd: certctl rehash

And it works!

Thanks