openvpn-client-export not exporting correctly

albgen · Jan 15, 2021, 7:41 PM

hello,

i see the following error on OpenVPN log.

Fri Jan 15 20:38:16 2021 OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-128-CBC') to --data-ciphers (currently 'AES-128-GCM') if you want to connect to this server.
Fri Jan 15 20:38:16 2021 ERROR: Failed to apply push options
Fri Jan 15 20:38:16 2021 Failed to open tun/tap interface

to fix it i have to manually edit the file and remove the following:

data-ciphers AES-128-GCM
data-ciphers-fallback AES-128-CBC

and replace with:

cipher AES-128-GCM

any idea why it is exporting like this?

bingo600 · Jan 16, 2021, 8:25 AM

@albgen

Could it be that you are exporting to an older (legacy) client, and haven't "ticked" that in the export gui ?

albgen · Jan 16, 2021, 10:55 AM

@bingo600 it is a new pfsense installation. Installed client export package and also the latest openvpn client on windows 10.

Regarding your question, no i have not tick that...

huseby_lucas · Feb 9, 2021, 3:22 PM

I also had this issue, thank you @bingo600 for the quick fix. Checking the box for legacy client allowed me to establish a connection. Is there a way to prevent this setting from being applied? how can i update my version of openvpn?

bingo600 · Feb 10, 2021, 8:02 AM

@huseby_lucas

I would expect it to be your "PC / Remote client" that is a 2.4.xx version.

You could download an upgrade from OpenVPN.