OpenVPN error?

Hello, everything seemed to be working normally, until I can no longer connect to the VPN (I even reinstalled Kali :joy:)

The error I get is this:

2022-06-27 09:53:27 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.
2022-06-27 09:53:27 Unsupported cipher in --data-ciphers: BF-CBC
Options error: --data-ciphers list contains unsupported ciphers or is too long.
Use --help for more information.

YES

I swear it’s not anyone’s fault, but this same topic has been on this forum since Valentine was active and I found the forum by mistake.

Removed my original answer to guide those to a better solution provided by @InfosecGreg (Thank you!) towards the bottom of this post.

If for some reason you are still struggling, the route I went is still an option, but as IG mentions, this is risky and tedious. Almost as tedious as being told to roll back my OpenVPN version by support staff.

Found it. This saved me SO MUCH TIME. Much more helpful than HTB Support.

Link to Fix it

You’re probably going to need to do what I did which was following some of the instructions at the bottom of the page linked above.

sudo -i
./configure
make
make install
openvpn --version

… will work.

I hope this helps!!!

Cheers!

1 Like

Does this work without needing to rollback OpenVPN?? If so that would be amazing.

Works just fine. You don’t have to roll anything back.

If you try to compile an older version of OpenVPN you’re going to run into dependency errors since your version of OpenSSL will most likely be updated as well, so you’d have to compile a new version of that as well.

1 Like

Yea! You’re exactly right! It was a huge pain. As soon as I saw someone else with the connection struggle I was like man, let me help them asap. That link I posted was the only one that had all the right information in it.

Your solution makes so much more sense than what was told to me (or rather told to look up the right way to do it on my own) by the support staff. I’m going to edit my solution above, and guide people to your solution instead.

Thank you!

1 Like

Thanks man I will try, I changed the server and the new file worked, but I did not see that line eariler when I had the problem (I saw similar answer in another post) but mine .ovpn didn’t seem to have that line.

I’m having this issue and the line change ‘cipher’ > ‘data-ciphers’ doesn’t seem to fix it as it’s already data-ciphers.

Okay I fixed it by deleting every entry for --data-ciphers apart from AES-256-CBC and I changed it from 256 to 128.

2 Likes

Steps to fix

  1. Check server connection

Firstly, we check the connection from the home computer to the OpenVPN server. For this, we use the telnet command in the format

If the connection do not work properly, we then check on the server side to see if there are connections reaching the OpenVPN server from this particular client.

  1. Disabling firewall

If connections are not even reaching the server, obviously the client computer firewall will have a role in it. To isolate this firewall dependency, our Dedicated Engineers suggest customers to completely turn off firewall and repeat the telnet check. For example, in case of Windows customers, we ask them to disable Windows Firewall completely and try connecting.

Again, if there are further error messages, it means there is something beyond the computer firewall.

  1. Edit port forwarding rules

At this point, we check the port forwarding rules in the OpenVPN server. We look for typos in the rules and fix them. That solves the OpenVPN error 10054, and make OpenVPN work fine.

Greeting,
Rachel Gomez

Anyone else feel HackTheBox should be the one fixes the issues with their OpenVPN Connection not working with modern client rather than us trying to figure this out? We are paying for the product (well some of us are).

I have tried all the suggestions in this thread and am STILL unable to connect using latest Kali. Big disappointment as I signed up for a year and havent been able to use for a couple of months and finally started to dig in.

1 Like

If someone else comes across this and are still not able to connect to VPN or have activity once connected I found that if I add --comp-lzo to the command via command line I can now connect to VPN and the HTB VM’s on network. I am using up to date kali.

Still an issue here as well. Just did a fresh kali install and tried all of the above solutions.

Feel exactly the same way as @Stimulant7843 - this should be fixed by HTB, not for us to try different kinds of fixes when you pay for a service.

anyone solved it , im not able to connect to academy with the academy.ovpn file i usually download

I contacted support via chat. They reconfigured my file, and it worked.

To recap, if your OpenVPN configuration fails to work on Windows 10, you can fix this issue by adding an exception to the firewall and whitelisting OpenVPN in your antivirus. You can also reset the TAP adapter, check if the DHCP service is running, as well as flush your DNS and reset Winsock.

Regards,
Rachel Gomez

can you tell us what they told you?

If you’re dealing with OpenVPN errors, don’t worry, there are a few things you can try to get it working again. First, make sure your internet connection is stable and the OpenVPN server is up and running. Then, double-check your VPN settings to ensure everything is configured correctly. If you’re still having trouble, try updating or reinstalling the OpenVPN software. And if all else fails, reach out to the OpenVPN community or support team—they’re usually pretty helpful in getting things sorted out!
YouTube ReVanced