DD-WRT :: View topic - OpenVPN 2.4

OpenVPN 2.4 - Cipher Issue?

DD-WRT Forum Index -> Advanced Networking

View previous topic :: View next topic

Author

Message

shauno100
DD-WRT User

Joined: 19 Oct 2015
Posts: 69

Posted: Tue Mar 07, 2017 6:12 Post subject: OpenVPN 2.4 - Cipher Issue?

Hi All,

I have an Archer C7 V2 with the latest DD WRT build 31571 installed.

My OpenVPN setup is working fine but i noticed that even though i have specifically set the Cipher as AES-128-CBC on both the server side and in my client config the connection is still using the AES-256-GCM cipher. Is this a bug or is there a workaround for this?

I also noticed that the Cipher dropdown box on the DD WRT>Services>VPN>OpenVPN section does not include the new GCM ciphers introduced in OpenVPN 2.4 and only shows the CBC ciphers. Is this also a bug or by design?

Regards

Shaun

Sponsor

shauno100
DD-WRT User

Joined: 19 Oct 2015
Posts: 69

Posted: Tue Mar 07, 2017 9:51 Post subject:

No worries. I am using an OpenVPN server configured in DD WRT. The OpenVPN server (daemon) version is 2.4

I am connecting to the OpenVPN server from my Windows 10 laptop when i am out in the field and also via my Galaxy S7 phone with the OpenVPN Connect android app.
Like i mentioned everything works fine but i just noticed recently that the cipher has changed for my connection and is no longer AES-128-CBC but is instead AES-256-GCM even though i have AES-128-CBC selected as the cipher in DD WRT>Services>VPN>OpenVPN Server.

I also have

Code:

cipher AES-128-CBC

clearly stated in my client OVPN file.

Below are the configs for my server and android client

Server Config from Conf file in /tmp/openvpn

Code:

dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 3
mute 3
syslog
writepid /var/run/openvpnd.pid
management 127.0.0.1 14
management-log-cache 100
topology subnet
script-security 2
port 63111
proto udp4
cipher aes-128-cbc
auth sha256
client-connect /tmp/openvpn/clcon.sh
client-disconnect /tmp/openvpn/cldiscon.sh
client-config-dir /tmp/openvpn/ccd
comp-lzo yes
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
client-to-client
push "redirect-gateway def1"
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
fast-io
tun-mtu 1500
mtu-disc yes
server 160.56.3.0 255.255.255.0
dev tun2
tls-auth /tmp/openvpn/ta.key 0
push "route 160.55.3.0 255.255.255.0"
push "dhcp-option DNS 160.55.3.33"
max-clients 2

Client config - Android Phone

Code:

client
remote-cert-tls server
remote xxx.xxx.xxx.xxx 63111
dev tun2
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
comp-lzo yes
verb 3
ns-cert-type server
auth SHA256
cipher AES-128-CBC
auth-nocache
key-direction 1

i then have my inline certs embedded in the client OVPN file

Maybe i'm missing something but all i know is the log file always showed AES-128-CBC as the cipher in use and i have only noticed recently in later DD WRT builds that the cipher is now AES-256-GCM

shauno100
DD-WRT User

Joined: 19 Oct 2015
Posts: 69

Posted: Tue Mar 07, 2017 10:00 Post subject:

Below is the log, i purposely blocked out IP address/certificate info

Code:

20170307 19:54:43 120.xx.xxx.xxx:53346 TLS: Initial packet from [AF_INET]120.xx.xxx.xxx:53346 sid=795af953 19e31ed6
20170307 19:54:43 120.xx.xxx.xxx:53346 VERIFY OK: depth=1 C=AU ST=x L=x O=x OU=x CN=x name=x emailAddress=sx@hotmail.com
20170307 19:54:43 120.xx.xxx.xxx:53346 VERIFY OK: depth=0 C=AU ST=xL=x O=xOU=x CN=x name=x emailAddress=sx@hotmail.com
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_GUI_VER=net.openvpn.connect.android_1.1.17-76
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_VER=3.0.12
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_PLAT=android
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_NCP=2
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_TCPNL=1
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_PROTO=2
20170307 19:54:44 I 120.xx.xxx.xxx:53346 peer info: IV_LZO=1
20170307 19:54:44 120.xx.xxx.xxx:53346 Control Channel: TLSv1.2 cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384 2048 bit RSA
20170307 19:54:44 I 120.xx.xxx.xxx:53346 [GalaxyS7-Edge] Peer Connection Initiated with [AF_INET]120.xx.xxx.xxx:53346
20170307 19:54:44 I GalaxyS7-Edge/120.xx.xxx.xxx:53346 MULTI_sva: pool returned IPv4=160.56.3.2 IPv6=(Not enabled)
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_33a47d8c5bf50bd840739ef50a07143a.tmp
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 MULTI: Learn: 160.56.3.2 -> GalaxyS7-Edge/120.xx.xxx.xxx:53346
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 MULTI: primary virtual IP for GalaxyS7-Edge/120.xx.xxx.xxx:53346: 160.56.3.2
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 PUSH: Received control message: 'PUSH_REQUEST'
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 SENT CONTROL [GalaxyS7-Edge]: 'PUSH_REPLY redirect-gateway def1 route 160.55.3.0 255.255.255.0 dhcp-option DNS 160.55.3.33 route-gateway 160.56.3.1 topology subnet ping 10 ping-restart 120 ifconfig 160.56.3.2 255.255.255.0 peer-id 0 cipher AES-256-GCM' (status=1)
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
20170307 19:54:44 GalaxyS7-Edge/120.xx.xxx.xxx:53346 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
20170307 19:54:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20170307 19:54:47 D MANAGEMENT: CMD 'state'
20170307 19:54:47 MANAGEMENT: Client disconnected
20170307 19:54:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20170307 19:54:47 D MANAGEMENT: CMD 'state'
20170307 19:54:47 MANAGEMENT: Client disconnected
20170307 19:54:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20170307 19:54:47 D MANAGEMENT: CMD 'state'
20170307 19:54:47 MANAGEMENT: Client disconnected
20170307 19:54:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20170307 19:54:47 MANAGEMENT: Client disconnected
20170307 19:54:47 NOTE: --mute triggered...
20170307 19:54:47 1 variation(s) on previous 3 message(s) suppressed by --mute
20170307 19:54:47 D MANAGEMENT: CMD 'status 2'
20170307 19:54:47 MANAGEMENT: Client disconnected
20170307 19:54:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20170307 19:54:47 D MANAGEMENT: CMD 'status 2'
20170307 19:54:47 MANAGEMENT: Client disconnected
20170307 19:54:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:14
20170307 19:54:47 D MANAGEMENT: CMD 'log 500'
19700101 10:00:00

dh /tmp/openvpn/dh.pem ca /tmp/openvpn/ca.crt cert /tmp/openvpn/cert.pem key /tmp/openvpn/key.pem keepalive 10 120 verb 3 mute 3 syslog writepid /var/run/openvpnd.pid management 127.0.0.1 14 management-log-cache 100 topology subnet script-security 2 port 63111 proto udp4 cipher aes-128-cbc auth sha256 client-connect /tmp/openvpn/clcon.sh client-disconnect /tmp/openvpn/cldiscon.sh client-config-dir /tmp/openvpn/ccd comp-lzo yes tls-server ifconfig-pool-persist /tmp/openvpn/ip-pool 86400 client-to-client push "redirect-gateway def1" tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 fast-io tun-mtu 1500 mtu-disc yes server 160.56.3.0 255.255.255.0 dev tun2 tls-auth /tmp/openvpn/ta.key 0 push "route 160.55.3.0 255.255.255.0" push "dhcp-option DNS 160.55.3.33" max-clients 2

shauno100
DD-WRT User

Joined: 19 Oct 2015
Posts: 69

Posted: Tue Mar 07, 2017 10:16 Post subject:

attached a screenshot of the ciphers only showing CBC ciphers available. Shouldn't it with OpenVPN 2.4 be showing more including GCM ciphers?

NOTE: The below screenshot is when i have changed the cipher in DD WRT to None but have not saved it just for illustration purposes to show the available ciphers in drop down. The cipher selected here is definitely AES-128-CBC when i have the server up and running.

mrjcd
DD-WRT Guru

Joined: 31 Jan 2015
Posts: 6290
Location: Texas

Posted: Tue Mar 07, 2017 18:47 Post subject:

Been seeing this for a while -- some info:
I get the same with my driod app if using openvpn 2.4 on client.
Using andriod 'OpenVPN Client free' release ver 2.15.16 (1021516)
This app has option to run what it considers 'old stable 2.3.2' or uncheck that and run the 2.4 ver.
Note: either version I use works perfectly fine.

Server conf:
# cat /tmp/openvpn/openvpn.conf
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 3
mute 3
syslog
writepid /var/run/openvpnd.pid
management 127.0.0.1 14
management-log-cache 100
topology subnet
script-security 2
port xxxxx
proto udp4
cipher aes-256-cbc
auth sha256
client-connect /tmp/openvpn/clcon.sh
client-disconnect /tmp/openvpn/cldiscon.sh
client-config-dir /tmp/openvpn/ccd
comp-lzo adaptive
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
push "redirect-gateway def1"
fast-io
tun-mtu 1500
mtu-disc yes
server 10.13.94.224 255.255.255.224
dev tun2
push "route 10.72.28.0 255.255.254.0"
push "dhcp-option DNS 10.72.28.13"
# uptime
12:29:15 up 3 days, 28 min, load average: 0.00, 0.00, 0.00
# cat /tmp/loginprompt
DD-WRT v3.0-r31571 std (c) 2017 NewMedia-NET GmbH
Release: 03/04/17

Here are dd-wrt logs as connected from both versions.

Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 peer info: IV_VER=2.3.2
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 peer info: IV_PLAT=linux
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 [mrjcd1] Peer Connection Initiated with [AF_INET]70.195.206.69:1520
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 MULTI_sva: pool returned IPv4=10.13.94.226, IPv6=(Not enabled)
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_0c7a1da4bffa86be4124ed296a291e4c.tmp
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 MULTI: Learn: 10.13.94.226 -> mrjcd1/70.195.206.69:1520
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 MULTI: primary virtual IP for mrjcd1/70.195.206.69:1520: 10.13.94.226
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 PUSH: Received control message: 'PUSH_REQUEST'
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 SENT CONTROL [mrjcd1]: 'PUSH_REPLY,redirect-gateway def1,route 10.72.28.0 255.255.254.0,dhcp-option DNS 10.72.28.13,route-gateway 10.13.94.225,topology subnet,ping 10,ping-restart 120,ifconfig 1
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_VER=2.4.0
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_PLAT=linux
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_PROTO=2
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_NCP=2
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_LZ4=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_LZ4v2=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_LZO=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_COMP_STUB=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_COMP_STUBv2=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_TCPNL=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 [mrjcd1] Peer Connection Initiated with [AF_INET]70.195.206.69:1513
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 MULTI_sva: pool returned IPv4=10.13.94.226, IPv6=(Not enabled)
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_03ea428e447615346c9da92496803c5d.tmp
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 MULTI: Learn: 10.13.94.226 -> mrjcd1/70.195.206.69:1513
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 MULTI: primary virtual IP for mrjcd1/70.195.206.69:1513: 10.13.94.226
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 PUSH: Received control message: 'PUSH_REQUEST'
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 SENT CONTROL [mrjcd1]: 'PUSH_REPLY,redirect-gateway def1,route 10.72.28.0 255.255.254.0,dhcp-option DNS 10.72.28.13,route-gateway 10.13.94.225,topology subnet,ping 10,ping-restart 120,ifconfig 1
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key

I have never used openVPN Connect but looks as you are using latest ver 1.1.17 (build 76)
OpenenVPN Connect app release notes for ver 1.1.15 (build 62) says added AES-GCM cipher support.
So not sure if this is dd-wrt run-a-muck or part fault of the newer clients can't decide what its doing Rolling Eyes

shauno100
DD-WRT User

Joined: 19 Oct 2015
Posts: 69

Posted: Tue Mar 07, 2017 23:58 Post subject:

I tried using the other Android apps with no luck. I have all my certs as inline certs in the one OVPN file. Seems to only work with the OpenVPN Connect application.

I noticed in the logs somehow at the SENT CONTROL [GalaxyS7-Edge]: 'PUSH_REPLY section its getting the AES-256-GCM cipher automatically and seems to ignore what i have specifically set.

I hope OpenVPN fix this up in a future release or i wonder if DD WRT can be altered with a workaround for this? I know that AsusWrt-Merlin mentioned the new Cipher negotiation introduced in OpenVPN server 2.4.0 which i'm wondering if that is the problem. Although you'd think it wouldn't revert to a new GCM cipher by default.

Quote:

Cipher negotiation (NCP), with (optional)
fallback to legacy "cipher" parameter when
an OpenVPN 2.3 client connects to the
router's 2.4 server.

Shaun

mrjcd
DD-WRT Guru

Joined: 31 Jan 2015
Posts: 6290
Location: Texas

Posted: Wed Mar 08, 2017 3:51 Post subject:

This is on E1200v2 w/Tomato Firmware 1.28.0000 MIPSR2-138 K26 Max
It uses OpenVPN 2.3.11 --- just a server I've had running here for long time.
Encryption cipher AES-192-CBC / Hash SHA1
Here is relevant logs from the tomato openVPN server.
Using same device I used earlier (driod turbo phone) same client.

client set to use openVPN ver 2.3.2
Mar 7 21:02:04 -- +++ Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 21:02:04 -- +++ Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 21:02:04 -- +++ Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 21:02:04 -- +++ Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 21:02:04 -- +++ Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

client using openVPN ver 2.4
Mar 7 20:53:25 -- +++ Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 20:53:25 -- +++ Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 20:53:25 -- +++ Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 20:53:25 -- +++ Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 20:53:25 -- +++ Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA

So it's a client thing that the server logs -- I'd have to do some digging to see exactly what the 'Control Channel' actually does
'bout all I know

shauno100
DD-WRT User

Joined: 19 Oct 2015
Posts: 69

Posted: Wed Mar 08, 2017 3:59 Post subject:
ok no worries. Should i be logging a ticket to the DD-WRT devs on TRAC to see if a workaround could be put in place to allow specified ciphers to be used in all cases?

ventz
DD-WRT Novice

Joined: 14 Mar 2018
Posts: 1

Posted: Wed Mar 14, 2018 0:18 Post subject:
You want to add: ncp-disable ^ This will get rid of the "auto negotiation" which is always defaulting to the highest available (in this case: AES-256-GCM), and let you negotiatiate your own cipher. If you use "ncp-disable", you MUST specify "cipher ..."

Display posts from previous:

Page 1 of 1

DD-WRT Forum Index -> Advanced Networking

All times are GMT

Navigation

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Log in

OpenVPN 2.4 - Cipher Issue?

Quick Links

Log in