Update (Mar 9, 2019): Upgrade complete. Please update your OpenVPN config files.
To improve level of service, security, availability, resilience and performance, we are upgrading our network and infrastructure. It may require some configuration change depending on your setup to continue to use our services.
OpenVPN ECC and AES-256-GCM
We have had OpenVPN servers offering Elliptic Curve Cryptography (ECC) for 2 years now. ECC offers higher performance and security compared to widely used RSA. We will continue to support RSA for older devices and routers but we suggest ECC on newer devices. Data encryption will default to AES-256-GCM on all servers and fall back to AES-256-CBC on older OpenVPN.
What will Change?
OpenVPN Certificates, keys and server IP’s in few locations. We are also looking to replace server IP’s in many other locations.
ECC require OpenVPN 2.4 or higher. This is preferred on all devices that either support or running newer OpenVPN software. Use RSA servers if you have an older device or unable to upgrade to a newer OpenVPN version.
ECC Servers | RSA Servers |
---|---|
80 100 443 1109 * 8000 * | 53 * (4096 bit) 1194 (2048 bit) 8292 * (4096 bit) |
* Note: There is no change to servers running on port 53, 8000 and 8292. These will continue to work without needing any configuration change.
When?
We will begin the upgrade on Saturday, March 9th, 2019 at 10am EST and expect to complete by 10pm EST.
OpenVPN Configuration Files
Files for your device and operating systems are available for download in your account area at https://www.acevpn.com/clients/
Windows, Mac, iPhone, iPad, Android and Linux:
- Upgrade to OpenVPN 2.4.7 if running an older version
- Replace your config files
On Mac, upgrading Tunnelblick will also upgrade OpenVPN.
Router:
Asus router running Merlin and stock: Delete existing connection and import from config again.
DD-WRT and Tomato: Replace certificates and keys including <ca>, <cert>, and <keys>.
Smart DNS / Unblock TV:
Grab new DNS servers from your account area at https://www.acevpn.com/clients/
What about IKEv2, L2TP, and PPTP?
There are no changes at this time to other VPN protocols
Need Help?
Please contact us if you have questions or need help with installation.
Leave A Comment
You must be logged in to post a comment.