Connection failed after upgrade to OpenVPN 2.6.0

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
SomeoneElse
OpenVpn Newbie
Posts: 1
Joined: Mon Jan 30, 2023 1:46 pm

Connection failed after upgrade to OpenVPN 2.6.0

Post by SomeoneElse » Mon Jan 30, 2023 1:59 pm

Upgrade process was via
https://community.chocolatey.org/packag ... pn#install

A previously working client .ovpn file which contains "cipher BF-CBC" now fails to connect to an IPfire server. A different server still connects OK. The relevant error in the log is:

OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('BF-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM') if you want to connect to this server.

Over at github there is:
https://github.com/OpenVPN/openvpn-gui/issues/381

There a suggestion** is https://github.com/OpenVPN/openvpn-gui/ ... -856059530 :

Add "BF-CBC" to "data-ciphers", as in "put the following into your config":

But which config?
A configuration file on the server? Unlikely, as I actually want to tell a new client to work with an old server.
The per-connection configuration file on the client? Again unlikely, as it is already defined there.
Some other global config on the client? Maybe,but in the client "settings / about" suggests that "configuation files" are in "C:\Users\MyName\OpenVPN\config", which is empty. If I do need to create a file here, what should it be called.

Actual connection configuration files are in "C:\Program Files\OpenVPN\config". There are per-connection .ovpn and .p12 files (for IPfire connections) and .ovpn files (for non-IPfire connections.

** the other suggestion there is "upgrade the server". Good advice, but not possible at this time.

Post Reply