Question

cipher AES-256-CBC

Hello how to fix this my cipher cipher AES-256-CBC its now working on my openvpn 2.5 client… then i tried to change into cipher AES-256-GCM then it’s the same… note: i only change in server.conf and base.conf the cipher.

this is the result: hu Aug 19 08:29:03 2021 DEPRECATED OPTION: --cipher set to ‘AES-256-CBC’ but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add ‘AES-256-CBC’ to --data-ciphers or change --cipher ‘AES-256-CBC’ to --data-ciphers-fallback ‘AES-256-CBC’ to silence this warning.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello there,

If you want to change the encryption cipher in Access Server you can follow the OpenVPN official docs here:

https://openvpn.net/vpn-server-resources/change-encryption-cipher-in-access-server/

By default OpenVPN Access Server used in the past the cipher BF-CBC. As of Access Server 2.5, AES-256-CBC cipher is used on new installations, and with upgrades from an older version will still use BF-CBC

AES-256-CBC contains no known security flaws so we have made the decision to move to that key for all new installations of Access Server 2.5 or higher.

Regards, Alex