https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162021-01-29T08:22:08ZpfSense bugtrackerpfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=506462021-01-29T08:22:08ZJim Pingle
<ul><li><strong>Category</strong> changed from <i>VPN (Multiple Types)</i> to <i>OpenVPN</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>Rejected</i></li></ul><p>I can't reproduce this as stated. I was able to edit an existing client as well as create a new client, both times it respected the exact list I chose. I repeated the test with server entries and it worked as well.</p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=506632021-01-29T16:49:45ZJohn Griffin
<ul></ul><p>Here is video of it occurring. It seems a bit random, sometimes it works, sometimes you end up with a completely different set of ciphers.</p>
<p><a class="external" href="https://youtu.be/eZtZxirQAFM">https://youtu.be/eZtZxirQAFM</a><br /><a class="external" href="https://youtu.be/kUBZy0wKulU">https://youtu.be/kUBZy0wKulU</a></p>
<p>Not sure of the protocol around here, as it's already been rejected should i submit another one? Will anyone ever read this :-)</p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507092021-02-01T07:39:57ZJim Pingle
<ul></ul><p>Those videos are private and cannot be viewed.</p>
<p>I tried again and can't replicate the problem here. Maybe write out a more complete procedure for replicating the problem, starting with a new/fresh tunnel. Also try different browsers, and make sure any script/ad blocking is disabled for the firewall URL.</p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507592021-02-01T19:05:12ZJohn Griffin
<ul></ul><p>Sorry about the video's, they should be viewable now.</p>
<p>You are correct, I cannot replicate the issue in Firefox. I disabled every extension in chrome, then:</p>
<p>On a new blank clean build 2.5 instance I<br />a) created new CA<br />b) navigate to OpenVPN - Clients<br />c) Add<br />d) Fill in minimal information (remote server, username, password)<br />e) deselect AEs-128-GCM and CHACHA<br />f) added AES-256-CBC<br />g) hit save<br />go back in and the values will have changed</p>
<p>In the following video you can see that 2 out of 3 times the values were different when I went back in after saving</p>
<p><a class="external" href="https://youtu.be/VMX661lJbcA">https://youtu.be/VMX661lJbcA</a></p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507752021-02-02T08:52:51ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Rejected</i> to <i>New</i></li><li><strong>Assignee</strong> set to <i>Anonymous</i></li><li><strong>Priority</strong> changed from <i>Normal</i> to <i>Very High</i></li><li><strong>Target version</strong> set to <i>2.5.0</i></li></ul><p>OK, I can reproduce it that way, but only in Chrome. Watching the network panel as it makes the POST, for whatever reason Chrome is not sending the <code>data_ciphers</code> list in the POST. It happens to both clients and servers.</p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507762021-02-02T09:09:51ZAnonymous
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>In Progress</i></li></ul> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507872021-02-02T12:27:41ZAnonymous
<ul><li><strong>Status</strong> changed from <i>In Progress</i> to <i>Feedback</i></li><li><strong>Assignee</strong> changed from <i>Anonymous</i> to <i>John Griffin</i></li></ul> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507882021-02-02T12:30:08ZAnonymous
<ul><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Fixed #11328 by fixing jQuery and error when 'protocol' is undefined" href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/2521eced153b0c96bf6375787c607377e89639ed">2521eced153b0c96bf6375787c607377e89639ed</a>.</p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507892021-02-02T12:39:24ZJim Pingle
<ul><li><strong>Assignee</strong> changed from <i>John Griffin</i> to <i>Jim Pingle</i></li></ul> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507902021-02-02T12:46:19ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>Works OK now in Chrome and FireFox. No JS errors on the list page or edit page.</p> pfSense - Bug #11328: OpenVPN Ciphers will not stick in 2.5https://redmine.pfsense.org/issues/11328?journal_id=507912021-02-02T12:47:23ZJim Pingle
<ul><li><strong>Assignee</strong> changed from <i>Jim Pingle</i> to <i>Anonymous</i></li></ul>