I've got ibVPN updated to the newest version. I added the computers I would like running through the VPN and selected a server.
When I start the service everything starts up except I get a warning saying: INSECURE cipher with block size less then 128 bit and while the service is running the machines I added to the list no longer connect to anything on the internet. The only thing I receive is a DNS reponse for the IP address. No routing seems to happen.
The Exact message I get (I don't think this has anything to do with my problem, but maybe I'm wrong):
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 7 07:45:08 george ibvpn[17109]: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 7 07:45:08 george ibvpn[17109]: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 7 07:45:08 george ibvpn[17109]: WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Nov 7 07:45:08 george ibvpn[17109]: ROUTE_GATEWAY MYROUTERIP/255.255.254.0 IFACE=MYINTERFACE HWADDR=MYHWADDRADDRESS
When I start the service everything starts up except I get a warning saying: INSECURE cipher with block size less then 128 bit and while the service is running the machines I added to the list no longer connect to anything on the internet. The only thing I receive is a DNS reponse for the IP address. No routing seems to happen.
The Exact message I get (I don't think this has anything to do with my problem, but maybe I'm wrong):
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 7 07:45:08 george ibvpn[17109]: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 7 07:45:08 george ibvpn[17109]: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Nov 7 07:45:08 george ibvpn[17109]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 7 07:45:08 george ibvpn[17109]: WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Nov 7 07:45:08 george ibvpn[17109]: ROUTE_GATEWAY MYROUTERIP/255.255.254.0 IFACE=MYINTERFACE HWADDR=MYHWADDRADDRESS
In ibVPN
Share this post:
Responses (2)
-
Accepted Answer
Yes I did update to that version. I am currently using version 1.2.2-1. I had to upgrade to fix the redirection problem.
I actually located the problem so you can shut this down. I forgot that I had the Web Proxy Server running and had to disable that to allow ibVPN to function correctly.
Thank you. -
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »