Android data channel ciphers

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
knew2vpn
OpenVpn Newbie
Posts: 2
Joined: Tue Sep 07, 2021 8:40 am

Android data channel ciphers

Post by knew2vpn » Tue Sep 07, 2021 8:48 am

good day,

Wanted to test if OpenVPN performance can be improved on my Android phone by using a differrent cipher in particular Chacha20-Poly1305 as my phone cannot hardware accelerate the AES ciphers so maybe chance to improvement with non AES ciphers!

In Access server advanced setting I changed my Allowed data channel ciphers to Chacha20-Poly1305:AES-256-GCM:AES-128-GCM:AES-256-CBC but still only uses second prefered option AES-256-GCM

I try to change Allowed data channel ciphers to only Chacha20-Poly1305 but then OpenVPN connect app logs an error "Data channel cipher negotiation failed (no shared cipher)"

so looks like my phone or app cannot support this.

My question: is the choice to use this cipher not supported by the OpenVPN Connect app, or is it limited by my phone itself such as hardware or android version?

Thanks you for reading my problem
Guy

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: Android data channel ciphers

Post by openvpn_inc » Tue Sep 21, 2021 11:34 am

Hello knew2vpn,

OpenVPN Access Server 2.9 supports chachapoly if you configure it.

The client must also be configured to use that cipher. You may need to redownload the connection profile to get this configuration parameter in the client profile. That doesn't get updated dynamically.

Your client must also be able to support the chachapoly cipher. As I know, OpenVPN Connect v3.2 doesn't support it. But v3.3 does.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

knew2vpn
OpenVpn Newbie
Posts: 2
Joined: Tue Sep 07, 2021 8:40 am

Re: Android data channel ciphers

Post by knew2vpn » Fri Sep 24, 2021 11:39 am

Thanks for reply

I suspect my problem is that OpenVPN connect version I am using is 3.2.5 not 3.3

Sadly 3.3 is not currently available in play store UK so I'll await update

Thanks
Guy

Post Reply