Update to latest upstream OpenVPN 2.5.7.
This release can resolve connectivity issues after upgrading to Fedora 36, which ships with OpenSSL 3. Use these options:
--tls-cert-profile insecure and
--providers legacy default if you experience connectivity issues.
More details: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst
sudo dnf upgrade --refresh --advisory=FEDORA-2022-31409e24bc
Please login to add feedback.
This update has been submitted for testing by dsommers.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
Working fine with NetworkManager
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
Does NOT work for me. Downgrading to 2.5.6 works again fine. Problem might be similar as in bug report https://bugzilla.redhat.com/show_bug.cgi?id=2092800
Did also NOT work for me against a 2.4.9 server. Needed to do one of two things: either
--providers legacy defaultto allow (weak)
AES-256-GCMcipher in the client.
Otherwise, connecting to that server will fail.
This contains more related details as well: https://bugzilla.redhat.com/show_bug.cgi?id=2093069
@thm How do you start your client? Via the
openvpn-client@.servicesystemd unit or NetworkManager?
Input and in the BZs here will be brought up with the upstream community as well
Upstream has sent a patch to the mailing list to be considered: https://patchwork.openvpn.net/patch/2504/
I've put together a few quick test builds
If some of you can do a quick test of those build to see if that helps, I can get a 2.5.7-2 prepared later this weekend.
This works for me.
An updated 2.5.7-2 build is now on the way into updates-testing. Please test this build and give the appropriate votes. Since this update caused so much issues and regressions, the 2.5.7-2 build requires more +1s than I normally require.