24.01.2017 16:31, Gert Doering пишет: > > Well. If you *know* which of the old clients have been upgraded to AES, > you should be able to put "cipher AES..." into a ccd/ file for that client > (I haven't tested it with 2.4.0-final - it worked for a hacked-together > variant I did that later become the much more cleaned-up official version of > poor man's NCP by Steffan). Technically it should work... >
Unfortunately it doesn't work with 2.4.0: if i write cipher AES-256-CBC in my ccd then Jan 24 16:41:40 inetgw2 openvpn[25861]: dm/192.168.22.229:34918 OPTIONS IMPORT: reading client specific options from: ccd/dm Jan 24 16:41:40 inetgw2 openvpn[25861]: dm/192.168.22.229:34918 Options error: option 'cipher' cannot be used in this context (ccd/dm) or "cipher AES-256-CBC" then: Jan 24 16:43:45 inetgw2 openvpn[25861]: dm/192.168.22.229:42526 OPTIONS IMPORT: reading client specific options from: ccd/dm Jan 24 16:43:45 inetgw2 openvpn[25861]: dm/192.168.22.229:42526 Options error: Unrecognized option or missing or extra parameter(s) in ccd/dm:6: cipher AES-256-CBC (2.4.0) Jan 24 16:43:45 inetgw2 openvpn[25861]: dm/192.168.22.229:42526 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_c1a7461423baa641b1524f9d84d844ce.tmp :-( ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
