rampplane last edited by
Today, I applied the latest Tunnelblick security update (3.7.5 build 5010) on my Mac High Sierra. After doing so, I reconnected to my pfsense box (2.4.2-RELEASE-p1), and got the following message from Tunnelblick:
Warning: This VPN may not connect in the future.
The OpenVPN configuration file for 'pfSense-UDP4-1194-vpnuser-config' contains these OpenVPN options:
'comp-lzo' was deprecated in OpenVPN 2.4 and removed in OpenVPN 2.5
You should update the configuration so it can be used with modern versions of OpenVPN.
Tunnelblick will use OpenVPN 2.4.4 - OpenSSL v1.0.2n to connect this configuration.
However, you will not be able to connect to this VPN with future versions of Tunnelblick that do not include a version of OpenVPN that accepts the options.
I downloaded a new client config from pfsense, and applied it (there were some slightly different settings in the newest version) the same result.
Just thought I should bring it up, in case it is important!
necron last edited by
Just a bump to get some attention and a question.
If the option comp-lzo is to be removed from the clients config, how much would this affect the tunnel?
With the current high bandwidth available, is this still an issue?
DrHorrible last edited by
While I do not have a solution to this problem, I can confirm that I also have received this message. I would hope that anyone with knowledge of this could shed more light.
sco01 last edited by
Same thing here but with a different option:
'ns-cert-type' was deprecated in OpenVPN 2.4 and removed in OpenVPN 2.5