How to change configuration files when migrating from OpenVPN 2.4.* to OpenVPN 2.5.*

As of fall 2021, OpenVPN has moved to the new major branch 2.5.* for almost a year. If you were slow to update, now the new branch can be considered time-tested. However, if you are upgrading from the 2.4 branch, you may need to adjust the configuration files.

1. In the server and client configuration files, replace the line

cipher AES-256-CBC


data-ciphers AES-256-GCM:AES-128-GCM

2. If you are using the TCP protocol (which is not recommended), then instead of the line

;proto tcp

use the line on the server

proto tcp-server

and the line on the client

proto tcp-client

The UDP protocol is the same on the server and on the client:

proto udp

3. When configuring static IP addresses within a virtual private network, the following entry is now used:

ifconfig-push client_IP SUBNET_MASK

for example:


See the section “How to make static IPs for OpenVPN clients” for details.

See also: 

Leave Your Observation

Your email address will not be published. Required fields are marked *