1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

OpenVPN Status via CLI

Discussion in 'ASUSWRT - Official' started by tului, Oct 6, 2019.

  1. tului

    tului Occasional Visitor

    Joined:
    Oct 16, 2012
    Messages:
    38
    Is there a CLI command or a log file or status file I can cat to see what ciphers and the like the connection is using?

    The list of ciphers is this:

    AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC

    Would putting one of the AES-255 towards the front make the connection more secure or does order not affect the order they're negotiated?
     
  2. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    32,520
    Location:
    Canada
    Both ends must have the same ciphers at the top of the list for it to be used - it's a two-ways handshake.

    The used cipher will be reported in syslog at connect time.

    Note that GCM requires OpenVPN 2.4.x. Only the recent Asus 384_81xxx release has udated to 2.4 so far.
     
    tului likes this.
  3. tului

    tului Occasional Visitor

    Joined:
    Oct 16, 2012
    Messages:
    38
    I figured out how to see it and it's aes 256 gcm. ExpressVPN for anyone interested