4. OpenVPN Server TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 ?

OpenVPN Server TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 ?

  • C

    Dear pfSense friends,

    After reading some stuff on the web (and not being an expert...) and trying to make my openvpn connection safer and faster (home: pfsense 2.4.4 p3, i7-2600, 8GB - travel: openwrt 18.06.4 avm 4040 router) ...

    I could achieve TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 (with 4096 bit) via pfsense GUI.

    Before going into detail, is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 achievable via pfsense GUI ?

    Many thanks ! and

    cheers chulio

    0
  • C

    Dear pfSense friends,

    Unfortunately I found this
    https://github.com/davidemyers/algo-pfsense
    saying
    "pfSense does not officially support the ECDSA certs created by Algo, but they do work when you choose Mutual RSA when creating the Phase 1. You may not be able to install ECDSA certs on pfSense versions older than 2.4."
    which relates to IKEv2, but not to OpenVPN.

    I read controversial stuff ECDSA vs RSA about security and speed.
    Shall I stay with RSA ?
    If yes, why is ECDHE anyway used whatever I enter in the DH parameter ?

    Many thanks ! and

    cheers chulio.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy