Keying Material Exporters (RFC 5705) based key generation

As part of the cipher negotiation OpenVPN will automatically prefer the RFC5705 based key material generation to the current custom OpenVPN PRF. This feature requires OpenSSL or mbed TLS 2.18+.

Compatibility with OpenSSL in FIPS mode

OpenVPN will now work with OpenSSL in FIPS mode. Note, no effort has been made to check or implement all the requirements/recommendation of FIPS 140-2. This just allows OpenVPN to be run on a system that be configured OpenSSL in FIPS mode.

mlock will now check if enough memlock-able memory has been reserved,

and if less than 100MB RAM are available, use setrlimit() to upgrade the limit. See Trac #1390. Not available on OpenSolaris.

Certificate pinning/verify peer fingerprint

The --peer-fingerprint option has been introduced to give users an easy to use alternative to the tls-verify for matching the fingerprint of the peer. The option takes use a number of allowed SHA256 certificate fingerprints.
See the man page section “Small OpenVPN setup with peer-fingerprint” for a tutorial on how to use this feature. This is also available online under

TLS mode with self-signed certificates

When --peer-fingerprint is used, the --ca and --capath option become optional. This allows for small OpenVPN setups without setting up a PKI with Easy-RSA or similar software.

Deferred auth support for scripts

The --auth-user-pass-verify script supports now deferred authentication.

Pending auth support for plugins and scripts

Both auth plugin and script can now signal pending authentication to the client when using deferred authentication. The new client-crresponse script option and OPENVPN_PLUGIN_CLIENT_CRRESPONSE plugin function can be used to parse a client response to a CR_TEXT two factor challenge.
See sample/sample-scripts/ for an example.

Compatibility mode (--compat-mode)

The modernisation of defaults can impact the compatibility of OpenVPN 2.6.0 with older peers. The options --compat-mode allows UIs to provide users with an easy way to still connect to older servers.

OpenSSL 3.0 support

OpenSSL 3.0 has been added. Most of OpenSSL 3.0 changes are not user visible but improve general compatibility with OpenSSL 3.0. --tls-cert-profile insecure has been added to allow selecting the lowest OpenSSL security level (not recommended, use only if you must). OpenSSL 3.0 no longer supports the Blowfish (and other deprecated) algorithm by default and the new option --providers allows loading the legacy provider to renable these algorithms.

Optional ciphers in --data-ciphers

Ciphers in --data-ciphers can now be prefixed with a ? to mark those as optional and only use them if the SSL library supports them.

Improved --mssfix and --fragment calculation

The --mssfix and --fragment options now allow an optional mtu parameter to specify that different overhead for IPv4/IPv6 should taken into account and the resulting size is specified as the total size of the VPN packets including IP and UDP headers.

Cookie based handshake for UDP server

Instead of allocating a connection for each client on the initial packet OpenVPN server will now use an HMAC based cookie as its session id. This way the server can verify it on completing the handshake without keeping state. This eliminates the amplification and resource exhaustion attacks. For tls-crypt-v2 clients, this requires OpenVPN 2.6 clients or later because the client needs to resend its client key on completing the hand shake. The tls-crypt-v2 option allows controlling if older clients are accepted.
By default the rate of initial packet responses is limited to 100 per 10s interval to avoid OpenVPN servers being abused in reflection attacks (see --connect-freq-initial).

Data channel offloading with ovpn-dco

2.6.0+ implements support for data-channel offloading where the data packets are directly processed and forwarded in kernel space thanks to the ovpn-dco kernel module. The userspace openvpn program acts purely as a control plane application. Note that DCO will use DATA_V2 packets in P2P mode, therefore, this implies that peers must be running 2.6.0+ in order to have P2P-NCP which brings DATA_V2 packet support.

Session timeout

It is now possible to terminate a session (or all) after a specified amount of seconds has passed session commencement. This behaviour can be configured using --session-timeout. This option can be configured on the server, on the client or can also be pushed.

Inline auth username and password

Username and password can now be specified inline in the configuration file within the <auth-user-pass></auth-user-pass> tags. If the password is missing OpenVPN will prompt for input via stdin. This applies to inline’d http-proxy-user-pass too.

Tun MTU can be pushed

The client can now also dynamically configure its MTU and the server will try to push the client MTU when the client supports it. The directive --tun-mtu-max has been introduced to increase the maximum pushable MTU size (defaults to 1600).

Improved control channel packet size control (max-packet-size)

The size of control channel is no longer tied to --link-mtu/--tun-mtu and can be set using --max-packet-size. Sending large control channel frames is also optimised by allowing 6 outstanding packets instead of just 4. max-packet-size will also set mssfix to try to limit data-channel packets as well.