[SOLVED] OpenVPN Depreciated Cipher

Hello all.

I’m actually posting this to share an issue regarding depreciated ciphers in the .ovpn configuration file downloaded from OpenVPN on Freedombox.

Having recently updated my PC to Debian Bookworm, I couldn’t get Network Manager to connect to my FBX with the .ovpn configuration. Apparently, the issue is that the recent OpenVPN in the Bookworm repos (openvpn/stable,now 2.6.3-1 amd64) find cipher AES-256-CBC depreciated.

If you try to use the configuration file with CLI, then OpenVPN connects with a warning stating DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.

With a little Internet search, I discovered that if you change the cipher AES-256-CBC in your configuration file with data-ciphers AES-256-CBC then Network Manager accepts your configuration and connects to your server.

3 Likes

This change fixed my connection to OpenVPN with Network Manager. Thank you for sharing!

1 Like