Home Page › Forums › Network Management › ZeroShell › Encryption on LAN-to-LAN VPNs › Reply To: Encryption on LAN-to-LAN VPNs
I do not know what is the default encryption used by OpenVPN to encrypt the data. In any case you can see the supported cipher with the command:
openvpn –show-ciphers
The following ciphers and cipher modes are available
for use with OpenVPN. Each cipher shown below may be
used as a parameter to the –cipher option. The default
key size is shown as well as whether or not it can be
changed with the –keysize directive. Using a CBC mode
is recommended.
DES-CBC 64 bit default key (fixed)
IDEA-CBC 128 bit default key (fixed)
RC2-CBC 128 bit default key (variable)
DES-EDE-CBC 128 bit default key (fixed)
DES-EDE3-CBC 192 bit default key (fixed)
DESX-CBC 192 bit default key (fixed)
BF-CBC 128 bit default key (variable)
RC2-40-CBC 40 bit default key (variable)
CAST5-CBC 128 bit default key (variable)
RC2-64-CBC 64 bit default key (variable)
AES-128-CBC 128 bit default key (fixed)
AES-192-CBC 192 bit default key (fixed)
AES-256-CBC 256 bit default key (fixed)
After that, you could, for example, force the use of AES256 with the switch
–cipher AES-256-CBC
in the parameter field in both the VPN peers.
Regards
Fulvio