Posted: Tue Mar 07, 2017 6:12 Post subject: OpenVPN 2.4 - Cipher Issue?
Hi All,
I have an Archer C7 V2 with the latest DD WRT build 31571 installed.
My OpenVPN setup is working fine but i noticed that even though i have specifically set the Cipher as AES-128-CBC on both the server side and in my client config the connection is still using the AES-256-GCM cipher. Is this a bug or is there a workaround for this?
I also noticed that the Cipher dropdown box on the DD WRT>Services>VPN>OpenVPN section does not include the new GCM ciphers introduced in OpenVPN 2.4 and only shows the CBC ciphers. Is this also a bug or by design?
No worries. I am using an OpenVPN server configured in DD WRT. The OpenVPN server (daemon) version is 2.4
I am connecting to the OpenVPN server from my Windows 10 laptop when i am out in the field and also via my Galaxy S7 phone with the OpenVPN Connect android app.
Like i mentioned everything works fine but i just noticed recently that the cipher has changed for my connection and is no longer AES-128-CBC but is instead AES-256-GCM even though i have AES-128-CBC selected as the cipher in DD WRT>Services>VPN>OpenVPN Server.
I also have
Code:
cipher AES-128-CBC
clearly stated in my client OVPN file.
Below are the configs for my server and android client
client
remote-cert-tls server
remote xxx.xxx.xxx.xxx 63111
dev tun2
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
comp-lzo yes
verb 3
ns-cert-type server
auth SHA256
cipher AES-128-CBC
auth-nocache
key-direction 1
i then have my inline certs embedded in the client OVPN file
Maybe i'm missing something but all i know is the log file always showed AES-128-CBC as the cipher in use and i have only noticed recently in later DD WRT builds that the cipher is now AES-256-GCM
attached a screenshot of the ciphers only showing CBC ciphers available. Shouldn't it with OpenVPN 2.4 be showing more including GCM ciphers?
NOTE: The below screenshot is when i have changed the cipher in DD WRT to None but have not saved it just for illustration purposes to show the available ciphers in drop down. The cipher selected here is definitely AES-128-CBC when i have the server up and running.
Been seeing this for a while -- some info:
I get the same with my driod app if using openvpn 2.4 on client.
Using andriod 'OpenVPN Client free' release ver 2.15.16 (1021516)
This app has option to run what it considers 'old stable 2.3.2' or uncheck that and run the 2.4 ver.
Note: either version I use works perfectly fine.
Here are dd-wrt logs as connected from both versions.
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 peer info: IV_VER=2.3.2
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 peer info: IV_PLAT=linux
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: 70.195.206.69:1520 [mrjcd1] Peer Connection Initiated with [AF_INET]70.195.206.69:1520
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 MULTI_sva: pool returned IPv4=10.13.94.226, IPv6=(Not enabled)
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_0c7a1da4bffa86be4124ed296a291e4c.tmp
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 MULTI: Learn: 10.13.94.226 -> mrjcd1/70.195.206.69:1520
Mar 7 17:21:59 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 MULTI: primary virtual IP for mrjcd1/70.195.206.69:1520: 10.13.94.226
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 PUSH: Received control message: 'PUSH_REQUEST'
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 SENT CONTROL [mrjcd1]: 'PUSH_REPLY,redirect-gateway def1,route 10.72.28.0 255.255.254.0,dhcp-option DNS 10.72.28.13,route-gateway 10.13.94.225,topology subnet,ping 10,ping-restart 120,ifconfig 1
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mar 7 17:22:02 -- daemon.notice openvpn[4060]: mrjcd1/70.195.206.69:1520 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_VER=2.4.0
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_PLAT=linux
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_PROTO=2
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_NCP=2
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_LZ4=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_LZ4v2=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_LZO=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_COMP_STUB=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_COMP_STUBv2=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 peer info: IV_TCPNL=1
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: 70.195.206.69:1513 [mrjcd1] Peer Connection Initiated with [AF_INET]70.195.206.69:1513
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 MULTI_sva: pool returned IPv4=10.13.94.226, IPv6=(Not enabled)
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_03ea428e447615346c9da92496803c5d.tmp
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 MULTI: Learn: 10.13.94.226 -> mrjcd1/70.195.206.69:1513
Mar 7 17:36:08 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 MULTI: primary virtual IP for mrjcd1/70.195.206.69:1513: 10.13.94.226
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 PUSH: Received control message: 'PUSH_REQUEST'
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 SENT CONTROL [mrjcd1]: 'PUSH_REPLY,redirect-gateway def1,route 10.72.28.0 255.255.254.0,dhcp-option DNS 10.72.28.13,route-gateway 10.13.94.225,topology subnet,ping 10,ping-restart 120,ifconfig 1
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mar 7 17:36:09 -- daemon.notice openvpn[5209]: mrjcd1/70.195.206.69:1513 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
I have never used openVPN Connect but looks as you are using latest ver 1.1.17 (build 76)
OpenenVPN Connect app release notes for ver 1.1.15 (build 62) says added AES-GCM cipher support.
So not sure if this is dd-wrt run-a-muck or part fault of the newer clients can't decide what its doing
I tried using the other Android apps with no luck. I have all my certs as inline certs in the one OVPN file. Seems to only work with the OpenVPN Connect application.
I noticed in the logs somehow at the SENT CONTROL [GalaxyS7-Edge]: 'PUSH_REPLY section its getting the AES-256-GCM cipher automatically and seems to ignore what i have specifically set.
I hope OpenVPN fix this up in a future release or i wonder if DD WRT can be altered with a workaround for this? I know that AsusWrt-Merlin mentioned the new Cipher negotiation introduced in OpenVPN server 2.4.0 which i'm wondering if that is the problem. Although you'd think it wouldn't revert to a new GCM cipher by default.
Quote:
Cipher negotiation (NCP), with (optional)
fallback to legacy "cipher" parameter when
an OpenVPN 2.3 client connects to the
router's 2.4 server.
This is on E1200v2 w/Tomato Firmware 1.28.0000 MIPSR2-138 K26 Max
It uses OpenVPN 2.3.11 --- just a server I've had running here for long time.
Encryption cipher AES-192-CBC / Hash SHA1
Here is relevant logs from the tomato openVPN server.
Using same device I used earlier (driod turbo phone) same client.
client set to use openVPN ver 2.3.2
Mar 7 21:02:04 -- +++ Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 21:02:04 -- +++ Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 21:02:04 -- +++ Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 21:02:04 -- +++ Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 21:02:04 -- +++ Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
client using openVPN ver 2.4
Mar 7 20:53:25 -- +++ Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 20:53:25 -- +++ Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 20:53:25 -- +++ Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mar 7 20:53:25 -- +++ Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 7 20:53:25 -- +++ Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
So it's a client thing that the server logs -- I'd have to do some digging to see exactly what the 'Control Channel' actually does
'bout all I know
ok no worries. Should i be logging a ticket to the DD-WRT devs on TRAC to see if a workaround could be put in place to allow specified ciphers to be used in all cases?
^ This will get rid of the "auto negotiation" which is always defaulting to the highest available (in this case: AES-256-GCM), and let you negotiatiate your own cipher.
If you use "ncp-disable", you MUST specify "cipher ..."