Hey everybody,
After many failed attempts at trying to get OpenVPN up and running, I was finally successful using this guide. Now that it's working, I'm curious about going back and hardening the implementation - specifically with a stronger cipher. OpenVPN has some suggestions in their hardening guide, and I was considering TLS-DHE-RSA-WITH-AES-256-GCM-SHA384. Unfortunately, when using configure, you only have the following encryption options:
- des DES algorithm
- 3des DES algorithm with triple encryption
- bf128 Blowfish algorithm with 128-bit key
- bf256 Blowfish algorithm with 256-bit key
- aes128 AES algorithm with 128-bit key
- aes192 AES algorithm with 192-bit key
- aes256 AES algorithm with 256-bit key
…and yet running openssl ciphers -v does list this cipher as an option. Is there a way do configure OpenVPN to use this cipher that I'm missing out on?
Currently running EdgeOS v1.9.0.
Thanks in advance!