I am using RUT955 FW RUT9_R_00.07.01.2 as an OPENVPN Server. From a Windows-PC as client all works finde without any problems.When I am using this opvn-configuration on my Iphone with the OPENVPN-App I get "Authentication Failed (Data channel cipher negatiation failed (no shared cipher)". I tried many ways to get additional security using a cipher to work first with the Windows-PC but all tries failed: I enabled "Additional HMAC" authentication and used a generated ta.key - now way. Anybody can help? Here is my initial configuration for Windows which is working fine:
Server on RUT955:
config webui 'webui'
option _auth 'tls'
config openvpn 'OPENVPN'
option persist_key '1'
option port '1194'
option keepalive '10 120'
option verb '5'
option _role 'server'
option proto 'udp'
option _name 'OPENVPN'
option persist_tun '1'
option type 'server'
option ca '/etc/vuci-uploads/cbid.openvpn.OPENVPN.caca.crt'
option cert '/etc/vuci-uploads/cbid.openvpn.OPENVPN.certserver.crt'
option key '/etc/vuci-uploads/cbid.openvpn.OPENVPN.keyserver.key'
option dh '/etc/vuci-uploads/cbid.openvpn.OPENVPN.dhdh2048.pem'
option tls_server '1'
option enable '1'
option _auth 'tls'
option cipher 'AES-256-GCM'
list data_ciphers 'AES-256-GCM'
option _tls_cipher 'all'
option dev 'tun_s_OPENVPN'
option client_config_dir '/etc/openvpn/ccd'
option server_ip '10.0.0.0'
option server_netmask '255.255.255.0'
list push 'route 192.168.2.0 255.255.255.0'
option auth 'sha256'
option _tls_auth 'none'
option upload_files '0'
---------------------------------------------------------------------------------------------------------------
Client-OVPN:
client
remote XXX.XXX.XXX.XXX
proto udp
rport 1194
lport 1194
#comp-lzo
dev tun
resolv-retry infinite
persist-key
persist-tun
ca ca.crt
key client.key
cert client.crt
auth-user-pass
auth-nocache
remote-cert-tls server
cipher AES-256-GCM
Thanks for any help.