TAP cipher help

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
thisisliam
OpenVpn Newbie
Posts: 9
Joined: Wed Aug 02, 2023 1:41 am

TAP cipher help

Post by thisisliam » Sun Oct 29, 2023 4:15 pm

Hi all. I have finally set up a working OpenVPN TAP server between my two OpenWRT routers. I need two devices client-side on the local subnet of the server, and so far this works a treat thanks to u/Yetjustanotherone over on Reddit. However, I am experiencing some minor errors and some assistance would be fantastic to fine-tune this:

1) I have specified ChaCha20-Poly1305 as the cipher, min TLS 1.3, but it's negotiating as AES-256-GCM and NOT ChaCha20, as indicated by the client system log below. option cipher is reported as deprecated in the log.


Sat Oct 28 05:47:23 2023 daemon.notice openvpn(OVPN_Tap_client)[15645]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key

Sat Oct 28 05:47:23 2023 daemon.notice openvpn(OVPN_Tap_client)[15645]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Certs were generated as ECDSA - they work.

OpenSSL version on both routers: 3.0.11

OpenVPN Versions on both routers: 2.6.6

I want the tunnel to utilize the ChaCha20-Poly1305 cipher; when I run OpenSSL ciphers I see ChaCha20-Poly1305 as an option on both server and client.

Server Config (please excuse my messy formatting, I intend to clean this up)
! = commented out. # doesn't seem to work in oconf.

config openvpn 'Tap_Server'
	!option push 'dhcp-option DNS 192.168.1.1'
	option cipher 'CHACHA20-POLY1305'
	option client_to_client '1'
	option enabled '1'
	option dev 'tap'
	option proto 'udp'
	option port '1194'
	option ca '/etc/openvpn/ca.crt'
	option cert '/etc/openvpn/Server_SiteA.crt'
	option key '/etc/openvpn/Server_SiteA.key'
	option dh '/etc/openvpn/dh.pem'
	option server_bridge '192.168.50.1 255.255.255.0 192.168.50.35 192.168.50.45'
	option ifconfig_pool_persist '/tmp/ipp.txt'
	option push 'route 192.168.1.0 255.255.255.0'
	option tun_mtu '1500'
	option keepalive '10 120'
	option data_ciphers 'CHACHA20-POLY1305:AES-256-GCM:AES-128-GCM'
	option data_ciphers_fallback 'CHACHA20-POLY1305'
	option auth 'SHA256'
	option tls_ciphersuites 'TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384'
	option tls_version_min '1.3'

========

Client Config (again, apologies for the messy formatting)

config openvpn 'OVPN_Tap_client'
	option auth_nocache '1'
	option enabled '1'
	option dev 'tap'
	#option float '1'
	#option nobind '1'
	option proto 'udp'
	option remote 'xx.xx.xx.xx'
	option port '1194'
	option client '1'
	option resolv_retry 'infinite'
	option ca '/etc/openvpn/ca.crt'
	option cert '/etc/openvpn/Client_SiteB_SiteA.crt'
	option key '/etc/openvpn/Client_SiteB_SiteA.key'
	option tun_mtu '1500'
	option data_ciphers 'CHACHA20-POLY1305:AES-256-GCM:AES-128-GCM'
	option cipher 'CHACHA20-POLY1305'
	!option data_ciphers_fallback 'CHACHA20-POLY1305'
	option auth 'SHA256'


Perhaps I've overlooked something obvious, but why isn't the cipher negotiating as ChaCha20-Poly1305? I had to comment out option data_ciphers_fallback 'CHACHA20-POLY1305' as it causes the config to disappear from the OpenVPN LuCI interface.



2) I'm getting MTU warnings saying the client and server don't match.

tun_mtu is set to 1500 on both server and client. I even set the tap0 device to 1500 under Network > Interfaces > Devices. The error persists only on the server, saying it's the client. LuCI OpenVPN does not like it when I specify both tun_mtu and link_mtu, so I opted for tun_mtu in the config files.


Sat Oct 28 01:02:12 2023 daemon.warn openvpn(Tap_Server)[2298]: Client_SiteB_SiteA/10.0.1.1:38901 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1566', remote='link-mtu 1569'

Sat Oct 28 01:02:12 2023 daemon.warn openvpn(Tap_Server)[2298]: Client_SiteB_SiteA/10.0.1.1:38901 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
======

As I said, these configs successfully connect and the devices on Client get an IP address and internet connection, but the cipher is incorrect and I'm getting MTU warnings. Any advice on maybe something I missed or forgot to include would be so much appreciated. I feel I'm so close to having this setup as I initially wanted.

Thank you to anyone that can get me from 98% done to 100% done! :D

thisisliam
OpenVpn Newbie
Posts: 9
Joined: Wed Aug 02, 2023 1:41 am

Re: TAP cipher help

Post by thisisliam » Tue Oct 31, 2023 5:52 am

Bumping this thread with some additional information:

openvpn --show-ciphers

AES-128-CBC (128 bit key, 128 bit block)
AES-128-CFB (128 bit key, 128 bit block, TLS client/server mode only)
AES-128-CFB1 (128 bit key, 128 bit block, TLS client/server mode only)
AES-128-CFB8 (128 bit key, 128 bit block, TLS client/server mode only)
AES-128-GCM (128 bit key, 128 bit block, TLS client/server mode only)
AES-128-OFB (128 bit key, 128 bit block, TLS client/server mode only)
AES-192-CBC (192 bit key, 128 bit block)
AES-192-CFB (192 bit key, 128 bit block, TLS client/server mode only)
AES-192-CFB1 (192 bit key, 128 bit block, TLS client/server mode only)
AES-192-CFB8 (192 bit key, 128 bit block, TLS client/server mode only)
AES-192-GCM (192 bit key, 128 bit block, TLS client/server mode only)
AES-192-OFB (192 bit key, 128 bit block, TLS client/server mode only)
AES-256-CBC (256 bit key, 128 bit block)
AES-256-CFB (256 bit key, 128 bit block, TLS client/server mode only)
AES-256-CFB1 (256 bit key, 128 bit block, TLS client/server mode only)
AES-256-CFB8 (256 bit key, 128 bit block, TLS client/server mode only)
AES-256-GCM (256 bit key, 128 bit block, TLS client/server mode only)
AES-256-OFB (256 bit key, 128 bit block, TLS client/server mode only)
CHACHA20-POLY1305 (256 bit key, stream cipher, TLS client/server mode only)
SM4-CBC (128 bit key, 128 bit block)
SM4-CFB (128 bit key, 128 bit block, TLS client/server mode only)
SM4-OFB (128 bit key, 128 bit block, TLS client/server mode only)

The following ciphers have a block size of less than 128 bits,
and are therefore deprecated. Do not use unless you have to.

DES-EDE-CBC (128 bit key, 64 bit block)
DES-EDE-CFB (128 bit key, 64 bit block, TLS client/server mode only)
DES-EDE-OFB (128 bit key, 64 bit block, TLS client/server mode only)
DES-EDE3-CBC (192 bit key, 64 bit block)
DES-EDE3-CFB (192 bit key, 64 bit block, TLS client/server mode only)
DES-EDE3-CFB1 (192 bit key, 64 bit block, TLS client/server mode only)
DES-EDE3-CFB8 (192 bit key, 64 bit block, TLS client/server mode only)
DES-EDE3-OFB (192 bit key, 64 bit block, TLS client/server mode only)


From client log:


Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: VERIFY OK: depth=1, CN=SiteA
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: VERIFY KU OK
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Validating certificate extended key usage
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: VERIFY EKU OK
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: VERIFY OK: depth=0, CN=Server_SiteA
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 521 bit ECsecp521r1, signature: ecdsa-with-SHA256
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key


Any guesses what could be causing OpenVPN to default to AES-256-GCM?
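As an added example (not code from this thread, from OpenVPN or from OpenWrt), a small Python audit that parses the log lines quoted in the two posts above, extracts the negotiated control-channel and data-channel ciphers plus the MTU warnings, and flags where they deviate from the intended CHACHA20-POLY1305 setup. The `audit` function and its report keys are assumptions of this example.

```python
import re

# Sample input: the client data-channel lines, the control-channel line and the
# two server-side MTU warnings quoted in the thread, joined into one log here.
SAMPLE_LOG = """\
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 521 bit ECsecp521r1, signature: ecdsa-with-SHA256
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Oct 30 22:04:17 2023 daemon.notice openvpn(OVPN_Tap_client)[5108]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Oct 28 01:02:12 2023 daemon.warn openvpn(Tap_Server)[2298]: Client_SiteB_SiteA/10.0.1.1:38901 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1566', remote='link-mtu 1569'
Sat Oct 28 01:02:12 2023 daemon.warn openvpn(Tap_Server)[2298]: Client_SiteB_SiteA/10.0.1.1:38901 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
"""

DATA_RE = re.compile(r"(Outgoing|Incoming) Data Channel: Cipher '([^']+)'")
CTRL_RE = re.compile(r"Control Channel: (TLSv[\d.]+), cipher \S+ ([^,\s]+),")
MTU_RE = re.compile(r"WARNING: '(tun-mtu|link-mtu)' is used inconsistently, "
                    r"local='\1 (\d+)', remote='\1 (\d+)'")

# OpenVPN's mtu.h reserves TAP_MTU_EXTRA_DEFAULT (32) bytes of extra framing
# for the Ethernet header on tap devices.
TAP_MTU_EXTRA = 32


def audit(log, expected_cipher):
    """Extract what the tunnel actually negotiated and list deviations from intent."""
    r = {"data_cipher": {}, "tls_version": None, "tls_cipher": None,
         "mtu": {}, "issues": []}
    for line in log.splitlines():
        if m := DATA_RE.search(line):
            r["data_cipher"][m.group(1).lower()] = m.group(2)
        elif m := CTRL_RE.search(line):
            r["tls_version"], r["tls_cipher"] = m.group(1), m.group(2)
        elif m := MTU_RE.search(line):
            r["mtu"][m.group(1)] = (int(m.group(2)), int(m.group(3)))

    for direction, cipher in sorted(r["data_cipher"].items()):
        if cipher.upper() != expected_cipher.upper():
            # With NCP the server chooses the first entry of its OWN data-ciphers
            # list that the client also offers, so the list the server daemon
            # really loaded (not just the UCI file) is the thing to verify.
            r["issues"].append(f"{direction} data channel uses {cipher}, "
                               f"expected {expected_cipher}")

    for name, (local, remote) in sorted(r["mtu"].items()):
        note = f"{name} mismatch: local {local}, remote {remote}"
        if name == "tun-mtu" and abs(local - remote) == TAP_MTU_EXTRA:
            note += f" (difference is exactly the {TAP_MTU_EXTRA}-byte TAP framing allowance)"
        r["issues"].append(note)
    return r
```

Run `audit(SAMPLE_LOG, "CHACHA20-POLY1305")["issues"]` against your own syslog export to get the same four findings the posts describe; an empty list means negotiation and MTU agree with the config.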
