Some OpenVPN server cipher options are ignored

Hi :slight_smile:

I’m using vyos 1.4, compiled may 17 2023.
I’m configuring openvpn.
I’ve set the cipher option using this command :
set interfaces openvpn vtun10 encryption cipher aes256

When launching the server and connecting a client I get this message in the logs :

Aug 17 07:50:26 openvpn-vtun10[1289335]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.

Switching to aes256gcm removes the warning message.

thanks for reporting , we’ve created this task to solved it :