How to change configuration files when migrating from OpenVPN 2.4.* to OpenVPN 2.5.*
November 25, 2021
As of fall 2021, OpenVPN has moved to the new major branch 2.5.* for almost a year. If you were slow to update, now the new branch can be considered time-tested. However, if you are upgrading from the 2.4 branch, you may need to adjust the configuration files.
1. In the server and client configuration files, replace the line
cipher AES-256-CBC
with
data-ciphers AES-256-GCM:AES-128-GCM
2. If you are using the TCP protocol (which is not recommended), then instead of the line
;proto tcp
use the line on the server
proto tcp-server
and the line on the client
proto tcp-client
The UDP protocol is the same on the server and on the client:
proto udp
3. When configuring static IP addresses within a virtual private network, the following entry is now used:
ifconfig-push client_IP SUBNET_MASK
for example:
ifconfig-push 10.8.0.10 255.255.255.0
See the section “How to make static IPs for OpenVPN clients” for details.
See also:
Related articles:
- How to use OpenVPN with TCP protocol (100%)
- Comparison of performance (data transfer rate) of OpenVPN over UDP and TCP (100%)
- Simultaneous use of multiple OpenVPNs on one server (100%)
- How to manage VPN Settings in Cinnamon (73.6%)
- How to manage VPN Settings in Xfce (73.6%)
- How to increase the swap partition in Linux Mint and Ubuntu. How to create a Swap file in Linux (RANDOM - 50%)