This OpenVPN client version:
Mon Apr 25 08:45:45 2022 OpenVPN 2.5.6 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 16 2022
prints this warnings:
Mon Apr 25 08:45:45 2022 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Mon Apr 25 08:45:45 2022 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
I think we should:
- Disable compression. What do you think?
- Fix the cipher deprecation warning by the suggested config modification (I do not understand 100% what to do, flacco do you know what to do?).