The "compress" option
Posted: Wed Jan 09, 2019 7:44 am
I have several iOS clients that need to access my VPN. The latest iOS OpenVPN update broke them, thanks to comp-lzo being disabled.
I tried to upgrade the server but that caused problems with old (non-iOS) clients. Backwards compatibility with compress / comp-lzo is apparently a problem. Furthermore, OpenWRT doesn't seem to generate the OpenVPN configuration file correctly when you have "compress" with no parameters.
According to the manual, "compress" should be set to one of these: lzo, lz4, <empty>
I think the use of no parameter (empty) is a poor choice. It would make things much more clear in the configuration if you were supposed to put "off" as the parameter. Just seeing "compress" in the configuration doesn't intuitively tell someone that it means "compress off". It wouldn't help the backwards compatibility problems but I think it would also avoid the problem noted with OpenWRT.
I tried to upgrade the server but that caused problems with old (non-iOS) clients. Backwards compatibility with compress / comp-lzo is apparently a problem. Furthermore, OpenWRT doesn't seem to generate the OpenVPN configuration file correctly when you have "compress" with no parameters.
According to the manual, "compress" should be set to one of these: lzo, lz4, <empty>
I think the use of no parameter (empty) is a poor choice. It would make things much more clear in the configuration if you were supposed to put "off" as the parameter. Just seeing "compress" in the configuration doesn't intuitively tell someone that it means "compress off". It wouldn't help the backwards compatibility problems but I think it would also avoid the problem noted with OpenWRT.