WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: untranslated string: ovpn ha = Hash algorithm
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required.
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: vpn auth-dn = Peer is identified by either IPV4_ADDR, FQDN, USER_FQDN or DER_ASN1_DN string in remote ID field
WARNING: untranslated string: vpn broken = Broken
WARNING: untranslated string: vpn connecting = CONNECTING
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: vpn force mobike = Force using MOBIKE (only IKEv2)
WARNING: untranslated string: vpn inactivity timeout = Inactivity Timeout
WARNING: untranslated string: vpn keyexchange = Keyexchange
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: rss long = Resident Set Size
WARNING: untranslated string: smt not implemented = Not Implemented
WARNING: untranslated string: transient sheduler attacks = Transient sheduler attacks
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: wio = unknown string
WARNING: untranslated string: wio checked = unknown string
WARNING: untranslated string: wio cron = unknown string
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: timeformat = %Y-%m-%d at %H:%M:%S %Z
WARNING: untranslated string: total = Total
WARNING: untranslated string: transient sheduler attacks = Transient sheduler attacks
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: warning = Warning
WARNING: untranslated string: wg client pool = Client Pool
WARNING: untranslated string: wg create host-to-net peer = Create A New Host-To-Net Peer
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: version = Version
WARNING: untranslated string: vpn broken = Broken
WARNING: untranslated string: vpn connecting = CONNECTING
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: vpn force mobike = Force using MOBIKE (only IKEv2)
WARNING: untranslated string: vpn inactivity timeout = Inactivity Timeout
WARNING: untranslated string: vpn on-demand = ON-DEMAND
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: untranslated string: ovpn ha = Hash algorithm
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: vendor = Vendor
WARNING: untranslated string: vpn broken = Broken
WARNING: untranslated string: vpn connecting = CONNECTING
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: vpn force mobike = Force using MOBIKE (only IKEv2)
WARNING: untranslated string: vpn inactivity timeout = Inactivity Timeout
WARNING: untranslated string: vpn on-demand = ON-DEMAND
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: untranslated string: ovpn ha = Hash algorithm
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required.
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: visit us at = Visit us at
WARNING: untranslated string: vpn broken = Broken
WARNING: untranslated string: vpn connecting = CONNECTING
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: vpn force mobike = Force using MOBIKE (only IKEv2)
WARNING: untranslated string: vpn inactivity timeout = Inactivity Timeout
WARNING: untranslated string: vpn keyexchange = Keyexchange
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
WARNING: untranslated string: ovpn ha = Hash algorithm
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required.
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: visit us at = Visit us at
WARNING: untranslated string: vpn broken = Broken
WARNING: untranslated string: vpn connecting = CONNECTING
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: vpn force mobike = Force using MOBIKE (only IKEv2)
WARNING: untranslated string: vpn inactivity timeout = Inactivity Timeout
WARNING: untranslated string: vpn keyexchange = Keyexchange
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: updxlrtr passive mode = Delivery only/no download mode
WARNING: untranslated string: user management = User Management
WARNING: untranslated string: version = Version
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: vpn start action add = Wait for connection initiation
WARNING: untranslated string: vpn subjectaltname missing = SubjectAlternativeName cannot be emtpy.
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: rss long = Resident Set Size
WARNING: untranslated string: smt not implemented = Not Implemented
WARNING: untranslated string: transient sheduler attacks = Transient sheduler attacks
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: wio = unknown string
WARNING: untranslated string: wio checked = unknown string
WARNING: untranslated string: wio cron = unknown string
WARNING: untranslated string: ovpn fallback cipher = Fallback Cipher
WARNING: untranslated string: ovpn fallback cipher help = This cipher is being used by clients that do not support cipher negotiation.
WARNING: untranslated string: ovpn fqdn = FQDN
+WARNING: untranslated string: ovpn legacy auth used = You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later
+WARNING: untranslated string: ovpn legacy cipher used = You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later
WARNING: untranslated string: ovpn misc settings = Miscellaneous Settings
WARNING: untranslated string: ovpn no cipher selected = No cipher selected
WARNING: untranslated string: ovpn protocol settings = Protocol Settings
WARNING: untranslated string: rss long = Resident Set Size
WARNING: untranslated string: smt not implemented = Not Implemented
WARNING: untranslated string: transient sheduler attacks = Transient sheduler attacks
+WARNING: untranslated string: vpn deprecated = Deprecated
WARNING: untranslated string: wio = unknown string
WARNING: untranslated string: wio checked = unknown string
WARNING: untranslated string: wio cron = unknown string
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< rss long
< smt not implemented
< transient sheduler attacks
+< vpn deprecated
< wlanap 802.11ac
< wlanap 802.11ac 160mhz
< wlanap 802.11ac 20mhz
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< total
< transient sheduler attacks
< upload fcdsl.o
+< vpn deprecated
< warning
< wg
< wg client configuration file
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< version
< vpn broken
< vpn connecting
+< vpn deprecated
< vpn force mobike
< vpn inactivity timeout
< vpn on-demand
< ovpn fqdn
< ovpn generating the root and host certificates
< ovpn ha
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< vendor
< vpn broken
< vpn connecting
+< vpn deprecated
< vpn force mobike
< vpn inactivity timeout
< vpn on-demand
< ovpn fqdn
< ovpn generating the root and host certificates
< ovpn ha
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn mgmt in root range
< ovpn misc settings
< ovpn mtu-disc
< visit us at
< vpn broken
< vpn connecting
+< vpn deprecated
< vpn force mobike
< vpn inactivity timeout
< vpn keyexchange
< ovpn fqdn
< ovpn generating the root and host certificates
< ovpn ha
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn mgmt in root range
< ovpn misc settings
< ovpn mtu-disc
< visit us at
< vpn broken
< vpn connecting
+< vpn deprecated
< vpn force mobike
< vpn inactivity timeout
< vpn keyexchange
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< updxlrtr passive mode
< user management
< version
+< vpn deprecated
< vpn start action add
< vpn subjectaltname missing
< vpn wait
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< rss long
< smt not implemented
< transient sheduler attacks
+< vpn deprecated
< wlanap 802.11ac
< wlanap 802.11ac 160mhz
< wlanap 802.11ac 20mhz
< ovpn fallback cipher
< ovpn fallback cipher help
< ovpn fqdn
+< ovpn legacy auth used
+< ovpn legacy cipher used
< ovpn misc settings
< ovpn no cipher selected
< ovpn protocol settings
< rss long
< smt not implemented
< transient sheduler attacks
+< vpn deprecated
< wlanap 802.11ac
< wlanap 802.11ac 160mhz
< wlanap 802.11ac 20mhz
<td>
<select name='DAUTH'>
- <option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
+ <option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
<option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lang::tr{'bit'})</option>
<option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lang::tr{'bit'})</option>
<option value='SHA256' $selected{'DAUTH'}{'SHA256'}>SHA2 (256 $Lang::tr{'bit'})</option>
<option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
<option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
<option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
- <option value='SEED-CBC' $selected{'DCIPHER'}{'SEED-CBC'}>SEED-CBC (128 $Lang::tr{'bit'})</option>
- <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'}, $Lang::tr{'vpn weak'})</option>
- <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC (192 $Lang::tr{'bit'}, $Lang::tr{'vpn weak'})</option>
- <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn weak'})</option>
- <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn weak'})</option>
- <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn weak'})</option>
+ <option value='SEED-CBC' $selected{'DCIPHER'}{'SEED-CBC'}>SEED-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
+ <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
+ <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC (192 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
+ <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
+ <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
+ <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC (128 $Lang::tr{'bit'}, $Lang::tr{'vpn deprecated'})</option>
</select>
</td>
</tr>
&Header::openpage($Lang::tr{'status ovpn'}, 1, '');
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
+ my @warnings = ();
+
+ # Check if a legacy cipher is being used
+ if (&is_legacy_cipher($vpnsettings{'DCIPHER'})) {
+ push(@warnings, $Lang::tr{'ovpn legacy cipher used'});
+ }
+
+ # Check if a legacy auth algorithm is being used
+ if (&is_legacy_auth($vpnsettings{'DAUTH'})) {
+ push(@warnings, $Lang::tr{'ovpn legacy auth used'});
+ }
+
# Show any errors and warnings
&Header::errorbox($errormessage);
exit 0;
}
+ &Header::warningbox(@warnings);
+
&Header::openbox('100%', 'LEFT', $Lang::tr{'ovpn roadwarrior settings'});
# Show the service status
'ovpn error md5' => 'Das Host Zertifikat nutzt einen MD5 Algorithmus welcher nicht mehr akzeptiert wird. <br>Bitte IPFire auf die neueste Version updaten und generieren sie ein neues Root und Host Zertifikate.</br><br>Es müssen dann alle OpenVPN clients erneuert werden!</br>',
'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.',
'ovpn ha' => 'Hash-Algorithmus',
+'ovpn legacy auth used' => 'Sie verwenden einen veralteten Hash, der in OpenVPN-Clients ab Version 2.6 nicht mehr unterstützt wird',
+'ovpn legacy cipher used' => 'Sie verwenden eine veraltete Verschlüsselung, die in OpenVPN-Clients ab Version 2.6 nicht mehr unterstützt wird',
'ovpn log' => 'OVPN-Protokoll',
'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'vpn connecting' => 'VERBINDUNGSAUFBAU',
'vpn delayed start' => 'Verzögerung, bevor VPN gestartet wird (in Sekunden)',
'vpn delayed start help' => 'Falls notwendig, kann diese Verzögerung dazu verwendet werden, um Dynamic-DNS-Updates ordnungsgemäß anzuwenden. 60 ist ein gängiger Wert, wenn ROT (RED) eine dynamische IP Adresse ist.',
+'vpn deprecated' => 'Veraltet',
'vpn force mobike' => 'MOBIKE erzwingen (nur IKEv2)',
'vpn inactivity timeout' => 'Inaktivitätstimeout',
'vpn incompatible use of defaultroute' => 'Hostname=%defaultroute nicht zulässig',
'ovpn fqdn' => 'FQDN',
'ovpn generating the root and host certificates' => 'Generating the root and host certificate can take a long time.',
'ovpn ha' => 'Hash algorithm',
+'ovpn legacy auth used' => 'You are using a legacy hash which will not be supported in OpenVPN clients of version 2.6 or later',
+'ovpn legacy cipher used' => 'You are using a legacy cipher which will not be supported in OpenVPN clients of version 2.6 or later',
'ovpn log' => 'OVPN-Log',
'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
'ovpn misc settings' => 'Miscellaneous Settings',
'vpn connecting' => 'CONNECTING',
'vpn delayed start' => 'Delay before launching VPN (seconds)',
'vpn delayed start help' => 'If required, this delay can be used to allow dynamic DNS updates to propagate properly. 60 is a common value when RED is a dynamic IP.',
+'vpn deprecated' => 'Deprecated',
'vpn force mobike' => 'Force using MOBIKE (only IKEv2)',
'vpn inactivity timeout' => 'Inactivity Timeout',
'vpn incompatible use of defaultroute' => 'hostname=%defaultroute not allowed',
projects / ipfire-2.x.git / commitdiff
