Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    openvpn-client-export not exporting correctly

    Scheduled Pinned Locked Moved pfSense Packages
    5 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      albgen
      last edited by

      hello,

      i see the following error on OpenVPN log.

      Fri Jan 15 20:38:16 2021 OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-128-CBC') to --data-ciphers (currently 'AES-128-GCM') if you want to connect to this server.
      Fri Jan 15 20:38:16 2021 ERROR: Failed to apply push options
      Fri Jan 15 20:38:16 2021 Failed to open tun/tap interface

      to fix it i have to manually edit the file and remove the following:

      data-ciphers AES-128-GCM
      data-ciphers-fallback AES-128-CBC

      and replace with:

      cipher AES-128-GCM

      any idea why it is exporting like this?

      bingo600B 1 Reply Last reply Reply Quote 0
      • bingo600B
        bingo600 @albgen
        last edited by

        @albgen

        Could it be that you are exporting to an older (legacy) client, and haven't "ticked" that in the export gui ?

        d3335268-3cd6-4c87-8e62-b54ff83457c0-image.png

        If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

        A 1 Reply Last reply Reply Quote 0
        • A
          albgen @bingo600
          last edited by

          @bingo600 it is a new pfsense installation. Installed client export package and also the latest openvpn client on windows 10.

          Regarding your question, no i have not tick that...

          1 Reply Last reply Reply Quote 0
          • H
            huseby_lucas
            last edited by

            I also had this issue, thank you @bingo600 for the quick fix. Checking the box for legacy client allowed me to establish a connection. Is there a way to prevent this setting from being applied? how can i update my version of openvpn?

            bingo600B 1 Reply Last reply Reply Quote 0
            • bingo600B
              bingo600 @huseby_lucas
              last edited by

              @huseby_lucas

              I would expect it to be your "PC / Remote client" that is a 2.4.xx version.

              You could download an upgrade from OpenVPN.

              If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

              pfSense+ 23.05.1 (ZFS)

              QOTOM-Q355G4 Quad Lan.
              CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
              LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.