Posted: Mon Apr 24, 2017 13:32 Post subject: OpenVPN AES-256-GCM
Router ModelNetgear R7000
Firmware Version DD-WRT v3.0-r31870M kongac (04/16/17)
Kernel VersionLinux 4.4.61 #300 SMP Sun Apr 16 17:48:50 CEST 2017 armv7l
This is running just fine for over a week.
I note that the VPN section still does not include in the pulldown Encryption Cipher AES-256-GCM, so I enter None and in the Additional Config section I add:
key-direction 1
nobind
cipher AES-256-GCM
ns-cert-type server
persist-key
persist-tun
resolv-retry infinite
verb 3
proto udp4
This matches with my own VPN server and my Windows and Android clients.
That's odd, the Mullvad VPN guide I followed shows it in a screen shot, and I didnt have to spell it out. I did however need to manually specify the TLS cipher ...and the keep alive option. Make sure to tickmark Advanced Options.
I am referring to another field. E.g., I also see an entry corresponding to my client .ovpn file:
# If a tls-auth key is used on the server
# then every client must also have the key.
tls-auth ta.key 1
tls-client
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
I also have, corresponding with my server:
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-256-GCM
auth SHA256