Changes between Version 6 and Version 7 of CipherNegotiation
- Timestamp:
- 08/11/20 10:12:26 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
CipherNegotiation
v6 v7 1 1 = Cipher Negotiation 2 2 Data channel cipher negotiation is complicated. This wiki defines the expected behaviour between OpenVPN servers and clients. 3 [[TOC(notitle, inline)]] 3 4 4 5 == OpenVPN Directives: … … 23 24 |||| `--cipher` ||||= `--data-cipher` =||= `-fallback` =|||| NCP || Expected || 24 25 || Client || Server ||= Client =||= Server =||= =|| Client || Server || || 25 || - || - ||= - =||= AES-256-GCM:AES-128-GCM =||= - =|| YES || YES || OK || 26 || BF-CBC || - ||= - =||= AES-256-GCM:AES-128-GCM =||= - =|| YES || YES || OK || 26 || - || - ||= - =||= AES-256-GCM:AES-128-GCM =||= - =|| NO || YES || OK || 27 || BF-CBC || - ||= - =||= AES-256-GCM:AES-128-GCM =||= - =|| NO || YES || FAIL || 28 || BF-CBC || - ||= - =||= AES-256-GCM:AES-128-GCM =||= BF-CBC =|| NO || YES || OK || 27 29 28 30 ==== Client version 2.2