Hi,
On Sat, Aug 29, 2020 at 04:19:07PM -0300, Rafael Gava wrote:
> This thread has a could days but I'm testing the version 2.5-beta2 and I'm
> getting the following error:
>
> 2020-08-29 16:02:53 us=643016 OPTIONS ERROR: failed to negotiate cipher
> with server. Add the server's cipher ('BF-CBC') to --data-ciphers
> (currently 'BF-CBC') if you want to connect to this server.
Which combination of client/server is this exactly? 2.5-beta2 on
the client, what is on the server? Can we have some more log file,
including the "PUSH_REPLY", please?
And, if this is on windows, please make sure it's really "beta2" - the
installer will not replace openvpn.exe when going from beta1 to beta2,
so you might run an 2.5_beta1 openvpn.exe.
[..]
> I know that you guys are trying to get rid of the BF-CBC but my question
> is, should it still work if we set these parameters in the config file or
> am I missing or doing something wrong? :-)
It definitely should work.
It does work for my test bed, but I am not testing "2.5 client against
'some old server'" yet - only the other way round, 2.2/2.3/2.4/2.5 client
against 2.5 server. It needs "data-ciphers BF-CBC" (or "cipher BF-CBC")
to be added to the config for non-NCP combinations, but afterwards
it works.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
