Hi, I am setting up OpenVPN sever on Debian 9 (ovpn is version 2.4.0) and was about to set tls-cipher in config to prevent version rollback attacks.
However, I have heard different opinions that it is not recommended to set --tls-cipher by yourself. The argument is that "default in recent OpenVPN versions are mostly up-to-date to what is needed, and it removes the need to update this if the official recommendations changes later on. Updating OpenVPN will be enough".
I need an advice on that. What is your opinion and arguments?
Set tls-cipher: yes or no?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.