Sunday, November 1, 2020

A new version of OpenVPN 2.5.0 has been released

Вышла новая версия OpenVPN 2.5.0

Faster connections

    Connections setup is now much faster

Crypto specific changes

    ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
    Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
    Client-specific tls-crypt keys (–tls-crypt-v2)
    Improved Data channel cipher negotiation
    Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

    HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
    Asynchronous (deferred) authentication support for auth-pam plugin
    Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

    Support IPv4 configs with /31 netmasks now
    802.1q VLAN support on TAP servers
    IPv6-only tunnels
    New option –block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

    VRF support
    Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

    Wintun driver support, a faster alternative to tap-windows6
    Setting tun/tap interface MTU
    Setting DHCP search domain
    Allow unicode search string in –cryptoapicert option
    EasyRSA3, a modern take on OpenVPN CA management
    MSI installer

No comments:

Post a Comment