Menu
What's new
By:
Filters
Better Search

VPN 128 encryption Needs updating

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Ametz

Ametz

Occasional Visitor
Last edited:
Ametz said:
OpenVPN has done some changes recently and are not accepting encryptions lower then 768 bits (And soon soon 1024)

More info:
https://groups.google.com/forum/#!topic/tunnelblick-discuss/AR7dLC2QcrI
https://forums.openvpn.net/topic19029.html#p52630

Google: openvpn 768 bits.

I have a RT N66U router and i can't use OpenVPN anymore. Since N66U only have 128 bits encryption.

Is this something you can fix in an update? (I running Firmware: 378.55)
Click to expand...

Have you considered reading the changelog?

Code: 
- FIXED: Automatically generated DH was too weak (512-bit) and preventing clients based on newer OpenSSL releases from connecting. We automatically replace any weak PEM with our 2048-bit one.

This was already fixed in 378.55.
 
Strange, i updated to your version just a few moments ago instead of the original but what i saw was just 128 bits in your version as well (see added image) I might not be a data wiz but can i be this stupid lol...
 

Attachments

  • asus.png
    asus.png
    5.7 KB · Views: 602
Ametz said:
Strange, i updated to your version just a few moments ago instead of the original but what i saw was just 128 bits in your version as well (see added image) I might not be a data wiz but can i be this stupid lol...
Click to expand...

That's PPTP, not OpenVPN.
 
Ok i see the problem now, im on the VPN settings NOT the OpenVPN settings...
Sometimes im alittle bit... well

Anyway... Gona take a look at that now.. sorry =P
 
By the way another problem i had before all of this was that i could connect to openVPN at school on my laptop.
And if i typed in my router IP 192.168.1.1 i got to the router interface.

But i could not access my home nas/server via \\DISKSTATION the same way i can do from my homecomputer (it just loading)
And if i went to a "whats my ip" i always had the schools IP so i did not surf from via my router, is that strange or normal behaviour?
(If i havent understood VPN) Is not VPN tunnel made so i should be able to surf via my home router and the school only see encrypted trafic to and from my home router?
 
The OpenVPN client must be run with administrator privileges so it can configure the new routes under Windows. Make sure you also tell the server to redirect client's Internet connections through itself.
 
Trying to start it but i get this error:

Thu Sep 03 20:02:19 2015 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Thu Sep 03 20:02:19 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Thu Sep 03 20:02:20 2015 UDPv4 link local: [undef]
Thu Sep 03 20:02:20 2015 UDPv4 link remote: [AF_INET]**.2*6.1**.*2:1194

Then it stops.. Any idé whats wrong?
 
Routers error messages (System log) says:

Sep 3 20:03:23 openvpn[1364]: 192.168.1.156:65187 TLS: Initial packet from [AF_INET]192.168.1.156:65187, sid=9c211d70 4248c703
Sep 3 20:04:23 openvpn[1364]: 192.168.1.156:65187 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sep 3 20:04:23 openvpn[1364]: 192.168.1.156:65187 TLS Error: TLS handshake failed
 
Hmm, seems i cant get it to work anyway. i have tested every kind of settings i have found.
No need to test anything more for today..
Btw will you add a "reset" button on the VPN/TLS settings in the future? to rebuild/make a new certificate/DH etc...
 
Ametz said:
Hmm, seems i cant get it to work anyway. i have tested every kind of settings i have found.
No need to test anything more for today..
Btw will you add a "reset" button on the VPN/TLS settings in the future? to rebuild/make a new certificate/DH etc...
Click to expand...

No need to. Just remove the existing key/certs, and they should automatically be re-generated when you restart the VPN server (if using those automatically generated by the router).
 
You must log in or register to reply here.

Similar threads

E
Guide: FreeBSD 10.0 / NAS Intel ss4200 / headless install / "notso" full disc encrypt
Replies
11
Views
7K
elliot.trance2
E
Similar threads
Thread starter Title Forum Replies Date
Tom Jo-Jo Junior Shabadoo VPN Director - batch of 300+ CIDRs Asuswrt-Merlin 2
H VPN Director URL Asuswrt-Merlin 1
L Wireguard with vpn director rules disable hardware acceleration? Asuswrt-Merlin 10
S VPN: if "Tunnel activated" ->internet on mobile phone is laggy, all the rest clients work fine Asuswrt-Merlin 3
Z Accessing VPN Clients on Router thru Mobile Phone Asuswrt-Merlin 1
C VPN doing a lot of unrecognized options without them even being in the config IPV6 issue Asuswrt-Merlin 3
Db Major RT-AX88U VPN Server "Others" Page Bug Asuswrt-Merlin 4
A Proper use of VPN director Asuswrt-Merlin 6
L IPSec VPN Server with VNC connection causes ASUS RT-AC3100 to Reboot Asuswrt-Merlin 0
G Need help with VPN Asuswrt-Merlin 2

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 612 (members: 30, guests: 582)
Top