After changing ciphers in config file, VPN stops working.

jtpreston
Posts: 5
Joined: Sat Aug 24, 2013 12:25 pm

After changing ciphers in config file, VPN stops working.

Postby jtpreston » Mon Aug 26, 2013 7:58 am

I have added cipher AES-256-CBC and auth SHA512 to the bottom of both my server configuration file (/etc/openvpn/openvpn.conf) and to my client configuration file (/Library/Application Support/Tunnelblick/Configurations/MyHDA.conf (while on my mac)) or (/programfiles(x86)/HomeHDA/HomeHDA.conf (while on my pc)) and I am able to connect locally to my VPN but as soon as I try to access it outside of the local network, I cannot connect. On my Mac, Tunnelblick's log says,

2013-08-26 10:53:56 MANAGEMENT: CMD 'username "Auth" "tyler"'
2013-08-26 10:53:56 MANAGEMENT: CMD 'password [...]'
2013-08-26 10:53:56 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2013-08-26 10:53:56 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2013-08-26 10:53:56 WARNING: file 'AmahiHDAClient.key' is group or others accessible
2013-08-26 10:53:56 LZO compression initialized
2013-08-26 10:53:56 Control Channel MTU parms [ L:1602 D:138 EF:38 EB:0 ET:0 EL:0 ]
2013-08-26 10:53:56 Socket Buffers: R=[42080->65536] S=[9216->65536]
2013-08-26 10:53:56 MANAGEMENT: >STATE:1377528836,RESOLVE,,,
2013-08-26 10:53:56 Data Channel MTU parms [ L:1602 D:1450 EF:102 EB:135 ET:0 EL:0 AF:3/1 ]
2013-08-26 10:53:56 Local Options hash (VER=V4): '9c102b00'
2013-08-26 10:53:56 Expected Remote Options hash (VER=V4): 'aaa173e3'
2013-08-26 10:53:56 UDPv4 link local: [undef]
2013-08-26 10:53:56 UDPv4 link remote: 96.255.230.204:1194
2013-08-26 10:53:56 MANAGEMENT: >STATE:1377528836,WAIT,,,

After MANAGEMENT:>STATE:1377528836,WAIT,,, it gets stuck.
I am not sure whether this is a problem with my client software or the VPN.
My port (1194 UDP) is open because before I changed the cipher types it worked perfectly while not on the local network. I was wondering whether there was something I still need to do for it to work or that Amahi OpenVPN does not work with the ciphers that I wanted to use.

User avatar
bigfoot65
Project Manager
Posts: 11924
Joined: Mon May 25, 2009 4:31 pm

Re: After changing ciphers in config file, VPN stops working

Postby bigfoot65 » Tue Aug 27, 2013 4:45 am

My suggestion would be to put things back the way they were. Hard to say what is missing or needs changed to make it work. So far the current ciphers work just fine for security as I have not heard of any issues from the community.

This is one of those cases of why fix something that is not broke. :)
ßîgƒσστ65
Applications Manager

My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2

jtpreston
Posts: 5
Joined: Sat Aug 24, 2013 12:25 pm

Re: After changing ciphers in config file, VPN stops working

Postby jtpreston » Tue Aug 27, 2013 9:55 am

I thought of that. I just thought that it would be nice to use the most secure ciphers around. Thanks for the reply!

User avatar
bigfoot65
Project Manager
Posts: 11924
Joined: Mon May 25, 2009 4:31 pm

Re: After changing ciphers in config file, VPN stops working

Postby bigfoot65 » Tue Aug 27, 2013 2:06 pm

Understand and I can appreciate your concern for security. I am sure it can be done, just don't know what needs modified.
ßîgƒσστ65
Applications Manager

My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2

Who is online

Users browsing this forum: No registered users and 9 guests