| 2022-10-27 10:16:13 |
John |
description |
I downloaded a .ovpn file from our (fairly old) VPN device to set up a connection in 22.10.
The .ovpn file has the line:
cipher AES-256-CBC
Get this error in system logs:
Oct 12 11:38:19 DXXXX nm-openvpn[14241]: OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
Advised to change this to:
data-ciphers AES-256-CBC:AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
Which I did and recreated the connection using the edited .ovpn.
Got the same error as above. I've tried using cipher, data-ciphers-fallback: no change, same error.
I tried changing the value with the Ubuntu VPN settings (Identity -> Advanced -> Security) and changing the Cipher to AES-256-CBC using the Cipher drop down menu then clicking 'Apply'. Again, the same error message in the logs.
Oct 12 11:38:19 DXXXX nm-openvpn[14241]: OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
I tried picking another random cipher from the list (ARIA-192-CFB) to see if the error message changed: it didn't. It seems that changes to the cipher (either via a file or manual changes) do not update the vpn settings. |
I downloaded a .ovpn file from our (fairly old) VPN device to set up a connection in 22.10.
The .ovpn file has the line:
cipher AES-256-CBC
Get this error in system logs:
Oct 12 11:38:19 DXXXX nm-openvpn[14241]: OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
Advised to change this to:
data-ciphers AES-256-CBC:AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
Which I did and recreated the connection using the edited .ovpn.
Got the same error as above. I've tried using cipher, data-ciphers-fallback: no change, same error. It always states "currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305'"
I tried changing the value with the Ubuntu VPN settings (Identity -> Advanced -> Security) and changing the Cipher to AES-256-CBC using the Cipher drop down menu then clicking 'Apply'. Again, the same error message in the logs.
Oct 12 11:38:19 DXXXX nm-openvpn[14241]: OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
I tried picking another random cipher from the list (ARIA-192-CFB) to see if the error message changed: it didn't. It seems that changes to the cipher (either via a file or manual changes) do not update the vpn settings. |
|
