
Warning msgs in log file 380.66_2 Openvpn server

eastavin

Senior Member
Noticed the following warning messages coming up regularly with variations depending on what settings are used in the advanced settings screen on server1. In each case a matching OVPN file had been generated and used. Why would the OVPN file not match the server side settings exactly when generated by the system and no edits made?

I realize they are warnings only and a reasonable parameter was negotiated in the end (I checked) but how is it that the system proposes a BF-CBC cipher? This was broken back in the 1990s. It does not even appear in any of the settings screens on the advanced page. So I can't deselect anything.

There is also a mismatch between router and remote for link-mtu and auth. Could be a few more.

ex 1. OpenVPN server1
May 23 14:20:41 openvpn[1417]: 70.29.4.48 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1558'
May 23 14:20:41 openvpn[1417]: 70.29.4.48 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-128-CBC'

ex 2. Default settings for OpenVPN server1 except TLS control channel security set to ENCRYPT CHANNEL.
May 26 08:52:12 openvpn[28537]: 70.29.7.204 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1550'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher AES-128-GCM'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA

Thoughts appreciated.
 
This usually happens if you have Negotiation enabled, but the remote end doesn't support it.
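
An added example, not part of the original posts: a small Python parser that groups the `used inconsistently` warnings by client session and flags any side that still proposes a 64-bit block cipher such as BF-CBC. The sample log is the set of lines quoted in the post above; the function names and the `LEGACY_64BIT` list are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Sample input: the log lines quoted in the post above.
SAMPLE_LOG = """\
May 23 14:20:41 openvpn[1417]: 70.29.4.48 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1558'
May 23 14:20:41 openvpn[1417]: 70.29.4.48 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-128-CBC'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1550'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher AES-128-GCM'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
May 26 08:52:12 openvpn[28537]: 70.29.7.204 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
"""

# Assumption: a local policy list of 64-bit block ciphers worth flagging.
LEGACY_64BIT = {"BF-CBC", "DES-CBC", "DES-EDE3-CBC"}

WARN_RE = re.compile(
    r"openvpn\[(?P<pid>\d+)\]: (?P<peer>\S+) WARNING: '(?P<opt>[^']+)' is used "
    r"inconsistently, local='(?P<local>[^']*)', remote='(?P<remote>[^']*)'"
)

def _value(opt, raw):
    # Logged values repeat the option name ("cipher BF-CBC"); drop that prefix.
    return raw[len(opt):].strip() if raw.startswith(opt) else raw

def parse_mismatches(log_text):
    """Return {(pid, peer): {option: (local_value, remote_value)}}."""
    sessions = defaultdict(dict)
    for line in log_text.splitlines():
        m = WARN_RE.search(line)
        if not m:
            continue  # not a mismatch warning, e.g. the Control Channel line
        opt = m["opt"]
        pair = (_value(opt, m["local"]), _value(opt, m["remote"]))
        sessions[(m["pid"], m["peer"])][opt] = pair
    return dict(sessions)

def legacy_cipher_findings(sessions):
    """List (peer, side, cipher) where a side proposed a 64-bit block cipher."""
    findings = []
    for (_pid, peer), opts in sessions.items():
        local, remote = opts.get("cipher", (None, None))
        for side, value in (("local", local), ("remote", remote)):
            if value in LEGACY_64BIT:
                findings.append((peer, side, value))
    return findings

if __name__ == "__main__":
    parsed = parse_mismatches(SAMPLE_LOG)
    print(parsed)
    print(legacy_cipher_findings(parsed))
```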
 