Disable compression i OpenVPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Disable compression i OpenVPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Disable compression i OpenVPN
Disable compression i OpenVPN
2019-03-22 07:28:39
Model: Archer C1200  
Hardware Version:
Firmware Version: Latest

I have just got a Archer C1200 router and enabled the OpenVPN server, so that I can connect to my home network securely. I noticed that by default the server uses compression and I read that that compression is a security risk and that you should disable compression completely.

 

https://openvpn.net/security-advisories/ (See section The VORACLE attack vulnerability)

 

I can't find an option to disable it in the routers settings. How do I disable compression?

 

 

  0      
  0      
#1
Options
2 Reply
Re:Disable compression i OpenVPN
2019-03-25 13:28:05
If I was a bank, I would be worried about this. If I was a home or small office user without top security type issues, it would be very remote that this would happen to you. It appears they would be targeting a specific data stream. Also if OpenVPN has its compression turned off, then would not the messages between them and your router be uncompressed?
  0  
  0  
#2
Options
Re:Disable compression i OpenVPN
2019-03-26 00:51:46

Hi,

 

It is also mentioned in the article that this security vulnerability is not important because the triggered scenario is not common and the threat is small, and only when accessing, for example, non-encrypted HTTP Web sites through a VPN, and to monitor the messages that are caught on your front end, you can get some of the contents of the message by guessing more, which is safe in most scenarios. So please feel free to use, anyway, thank you for your feedback, we will add this fix in next firmware.

 

Good day. 

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router Archer BE800 New Firmware Added Support for EasyMesh in AP Mode, DoH&DoT, and 3-Band MLO Connection Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#3
Options