Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

OpenVPN version

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is :)

Topic Author
3lf
Posts: 18
Joined: Wed Apr 26, 2017 4:03 am

OpenVPN version

Post by 3lf » Mon May 01, 2017 8:10 pm

Using tunnelblick latest.

I notice in wireshark a lot of QUIC version negotiation

Im wondering if this has to do with the version of Open VPN Im using in tunnelblick (latest 2.41 libressl 2.5)

Is there a recommended version for CS ?

User avatar

Fermi
Site Admin
Posts: 202
Joined: Tue Jun 17, 2014 11:42 am

Re: OpenVPN version

Post by Fermi » Mon May 01, 2017 8:30 pm

Wireshark will in most cases propose the QUIC dissector when analyzing OpenVPN traffic. You should force the protocol to OpenVPN.
The used libraries/versions are OK.

/fermi


Topic Author
3lf
Posts: 18
Joined: Wed Apr 26, 2017 4:03 am

Re: OpenVPN version

Post by 3lf » Mon May 01, 2017 8:51 pm

sorry do you mean to force open vpn in wireshark or tunnelblick ?

As far as Im aware TB is always openVPN

after a restart it seems those QUIC messages are gone

User avatar

Fermi
Site Admin
Posts: 202
Joined: Tue Jun 17, 2014 11:42 am

Re: OpenVPN version

Post by Fermi » Mon May 01, 2017 9:07 pm

in Wireshark ...


Topic Author
3lf
Posts: 18
Joined: Wed Apr 26, 2017 4:03 am

Re: OpenVPN version

Post by 3lf » Mon May 01, 2017 11:32 pm

Thanks but still not sure what you mean because Im not that advanced :D I'm a beginner in network analysis.
I'll look it up thanks


Topic Author
3lf
Posts: 18
Joined: Wed Apr 26, 2017 4:03 am

Re: OpenVPN version

Post by 3lf » Tue May 02, 2017 12:20 pm

If anyone using wireshark I think I got it, I set "decode as" and selected openVPN

Now instead of saying "encrypted payload" I have message type: P_DATA_V1

confirmed in the openvpn website that it means: Data channel packet containing data channel ciphertext.

So that seem correct now. Any idea on why this detection bug would occur?

Thanks @Fermi

Post Reply