Menu
What's new
By:
Filters Better Search

Cannot connect to OpenVPN Server since upgrade of OpenVPN client on W10

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

G

GSpock

Senior Member
Hi all,
I upgraded this morning my W10 PC to OpenVPN 2.6.0 (https://openvpn.net/community-downloads/)
Since then I get this error message when trying to connect to Server on my RT-AX86U:

Code: 
2023-02-02 12:21:45 Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).
2023-02-02 12:21:45 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-02-02 12:21:45 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
2023-02-02 12:21:45 Windows version 10.0 (Windows 10 or greater), amd64 executable
2023-02-02 12:21:45 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
2023-02-02 12:22:10 OpenSSL: error:0A00018E:SSL routines::ca md too weak
2023-02-02 12:22:10 Cannot load inline certificate file
2023-02-02 12:22:10 Exiting due to fatal error

Any idea on how to resolve this other than downgrading client?
Thx,
GS
 
GSpock said:
Hi all,
I upgraded this morning my W10 PC to OpenVPN 2.6.0 (https://openvpn.net/community-downloads/)
Since then I get this error message when trying to connect to Server on my RT-AX86U:

Code: 
2023-02-02 12:21:45 Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).
2023-02-02 12:21:45 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-02-02 12:21:45 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
2023-02-02 12:21:45 Windows version 10.0 (Windows 10 or greater), amd64 executable
2023-02-02 12:21:45 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
2023-02-02 12:22:10 OpenSSL: error:0A00018E:SSL routines::ca md too weak
2023-02-02 12:22:10 Cannot load inline certificate file
2023-02-02 12:22:10 Exiting due to fatal error

Any idea on how to resolve this other than downgrading client?
Thx,
GS
Click to expand...
It looks like some server-side things need to change to comport with 2.6. Really interested to see the new commit in Merlin, too. But the ciphers are down to two, compression is gone, including framing for compression, and it looks like you need to generate stronger certificates. Haven't played with it myself.
 
elorimer said:
it looks like you need to generate stronger certificates.
Click to expand...
Thanks, indeed regenerating the ovpn file on the server and re-applying on the client side made the job.
 
Last edited:
You must log in or register to reply here.

Similar threads

T
[Help] Problems setting up OpenVPN
Replies
7
Views
479
Thookie
T
A
cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback
Replies
2
Views
12K
Martinski
M
A
Devices connect to my openvpn server correctly but no traffic from server to client
Replies
6
Views
2K
ragtap
R
R
OpenVPN not saving the custom configuration for client-connect on ASUS GT-AX6000
Replies
5
Views
698
eibgrad
eibgrad
P
RT-AX88U - 388.2_2 - Previously Working VPN Client (NordVPN) no longer functions - Suggestions for NordVPN Working Settings July 2023
Replies
2
Views
2K
PC Pilot
P
Similar threads
Thread starter Title Forum Replies Date
M OpenVPN clients cannot connect to LAN computers. Asuswrt-Merlin 0
F Cannot Connect to Router WiFi Directly but is OK with Ubuquity Wired Wireless AP's Asuswrt-Merlin 6
C RT-AX86U 3004.388.8_2 . pet feeder app cannot connect to wifi why? Asuswrt-Merlin 6
M Cannot connect to a website Asuswrt-Merlin 5
NiceMan SSH+RT-AX88U Merlin+3004.388.8_4 Cannot log in Asuswrt-Merlin 1
P Cannot bind IP - "This entry already exists." Asuswrt-Merlin 10
T GT BE98 Pro Guest Network Cannot Disable Intranet Access Asuswrt-Merlin 3
pippo_105 I cannot setup Wireguard on my AX6000 Asuswrt-Merlin 6
A AX-86U: Internet LED Solid Red Light - Cannot login router Asuswrt-Merlin 43
Y HDD cannot be detected in USB-3 mode Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 762 (members: 30, guests: 732)
Top