Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

OpenVPN version

Post a reply

:
In an effort to prevent automatic submissions, we require that you enter the letters that are written in red.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek: :angel: :clap: :crazy: :eh: :lolno: :problem: :shh: :shifty: :sick: :silent: :think: :thumbdown: :thumbup: :wave: :wtf: :yawn:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

If you wish to attach one or more files enter the details below.

Expand view Topic review: OpenVPN version

Re: OpenVPN version

Post by 3lf » Tue May 02, 2017 12:20 pm

If anyone using wireshark I think I got it, I set "decode as" and selected openVPN

Now instead of saying "encrypted payload" I have message type: P_DATA_V1

confirmed in the openvpn website that it means: Data channel packet containing data channel ciphertext.

So that seem correct now. Any idea on why this detection bug would occur?

Thanks @Fermi

Re: OpenVPN version

Post by 3lf » Mon May 01, 2017 11:32 pm

Thanks but still not sure what you mean because Im not that advanced :D I'm a beginner in network analysis.
I'll look it up thanks

Re: OpenVPN version

Post by Fermi » Mon May 01, 2017 9:07 pm

in Wireshark ...

Re: OpenVPN version

Post by 3lf » Mon May 01, 2017 8:51 pm

sorry do you mean to force open vpn in wireshark or tunnelblick ?

As far as Im aware TB is always openVPN

after a restart it seems those QUIC messages are gone

Re: OpenVPN version

Post by Fermi » Mon May 01, 2017 8:30 pm

Wireshark will in most cases propose the QUIC dissector when analyzing OpenVPN traffic. You should force the protocol to OpenVPN.
The used libraries/versions are OK.

/fermi

OpenVPN version

Post by 3lf » Mon May 01, 2017 8:10 pm

Using tunnelblick latest.

I notice in wireshark a lot of QUIC version negotiation

Im wondering if this has to do with the version of Open VPN Im using in tunnelblick (latest 2.41 libressl 2.5)

Is there a recommended version for CS ?

Top

cron
Nothing to display.

Login