You are not logged in.
The new version, networkmanager-openvpn-1.10.4-1 (06-May-2024), has problems with some openvpn servers. I suspect that it is the same error than in the last update of the last year (networkmanager-openvpn-1.10.2-2 03-Jun-2023), that was solved 3 days after...
Offline
I can confirm that. Downgrading back to 1.10.2 solves the issue for me as a client.
When I was on 1.10.4 this warning was only different thing I could find (comparing to working version 1.10.2):
DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
Oh, just found issue with WA published:
https://gitlab.gnome.org/GNOME/NetworkM … issues/138
https://gitlab.gnome.org/GNOME/NetworkM … te_2106393
So in the end you have to manually edit connection in /etc/NetworkManager/system-connections/ and add parameter: data-ciphers= that matches cipher= parameter in the same file to mimics old version behavior.
Last edited by Kisuke-CZE (2024-05-10 11:32:38)
Offline
Yes same trouble here with
sudo journalctl -fu NetworkManager
"OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server."
Offline
I can confirm that. Downgrading back to 1.10.2 solves the issue for me as a client.
When I was on 1.10.4 this warning was only different thing I could find (comparing to working version 1.10.2):
DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
Oh, just found issue with WA published:
https://gitlab.gnome.org/GNOME/NetworkM … issues/138
https://gitlab.gnome.org/GNOME/NetworkM … te_2106393So in the end you have to manually edit connection in /etc/NetworkManager/system-connections/ and add parameter: data-ciphers= that matches cipher= parameter in the same file to mimics old version behavior.
Oh, thanks!
At least it works without any downgrade.
Offline