Changes

From SME Server
Jump to navigationJump to search
1 byte added ,  03:13, 31 August 2022
Line 392: Line 392:  
*'''access''': (private|public) you should let this to public as running a VPN server just for the local network make no sens
 
*'''access''': (private|public) you should let this to public as running a VPN server just for the local network make no sens
   −
*'''cipher''': (valid cipher name) You can force the cipher to use. Starting SME 10, default is AES-256-GCM . If you put auto ( or delete this key, for SME9 and before ) the default will be the current of openvpn wich is as per 2.4 :BF-CBC. Also when both client and server are at least version 2.4, they will negotiate the stronger cipher both side support. SME10 enforce the following authorized ciphers: --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC . To have the list of the supported cipher, issue the command
+
*'''cipher''': (valid cipher name) You can force the cipher to use. Starting SME 10, default is AES-128-CBC . If you put auto ( or delete this key, for SME9 and before ) the default will be the current of openvpn wich is as per 2.4 : BF-CBC. Also when both client and server are at least version 2.4, they will negotiate the stronger cipher both side support. SME10 enforce the following authorized ciphers: --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC . To have the list of the supported cipher, issue the command
    
  openvpn --show-ciphers
 
  openvpn --show-ciphers
Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators
3,263

edits

Navigation menu