OpenVPN app has broken my openvpn connection

[rockyd]

I had Openvpn working fine for ages, tried to use it again today and now the app complains about unsupported options, I did some googling and people have managed to solve their issue, by manually editing the ovpn file, I tried that. Got it to stop complaining but it won't connect. I have attached a snapshot of the error pop up from the phone. Any ideas?
Edit: I tried to attach the snapshot, but it seems to have been ignored, I can't see it.

[rockyd]

Try this

[rockyd]

OK editing the OVPN file did work, I forgot to turn off my wifi on my phone when I tried it.

[Lantis]

Gargoyle version?
What version of OpenVPN does your app report it uses?

What did you need to modify in the ovpn file?

[rockyd]

Gday Lantis,

Gargoyle version?

Gargoyle Version:1.12.0

What version of OpenVPN does your app report it uses?

OpenVPN app 3.4.3 (9909)

What did you need to modify in the ovpn file?

I deleted the lines that mentioned the unsupported options it was complaining about

dev tun
proto udp
status current_status
resolv-retry infinite
remote-cert-tls server
topology subnet
verb 3

cipher AES-256-CBC


nobind
persist-key
persist-tun
comp-lzo

became

dev tun
proto udp
remote-cert-tls server
verb 3

cipher AES-256-CBC


nobind
comp-lzo

[Lantis]

Around OpenVPN version ~2.5 a lot of options changed and became incompatible. There’s a complex web of backwards compatibility but the app may not be working as it should or the gap may now be too high.
See this page here about backwards compatibility.
https://openvpn.net/community-resources ... envpn-2-5/

To this end, you should be upgrading to a more recent Gargoyle to get a newer version of OpenVPN. And, 1.12 has several known vulnerabilities anyway.

If it’s working for you now, great. It might stop in the future again and be unfixable.

[rockyd]

The link gives a security warning.

I would upgrade but it's a lot or work to configure everything again. I am also extremely sick of constant updates from everything else that I dread all updates. Because of what will they break next.

What vulnerabilities are in 1.12, anything serious?

[rockyd]

The link gives a security warning.

It's seem that was caused by OpenDNS, Google DNS worked normally

[Lantis]

Every security fix since 18.06 is missing from your device, which is pretty substantial. Enough that I wouldn't list them.
openssl CVEs
opkg MITM attack
ppp, uci, countless others memory over/underflows
dnsmasq CVEs
ipv6 routing DOS
wifi fragattack
and more...

[rockyd]

Thanks for the info, may have to do the upgrade, painful as it may be.
Out of curiosity, how many of the vulnerabilities can be attacked from the WAN side of things?