opnsense / core

OPNsense GUI, API and systems backend
https://opnsense.org/
BSD 2-Clause "Simplified" License

openvpn: client export misses --data-ciphers #7893

Open emammadov opened 3 hours ago

emammadov commented 3 hours ago

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

We are using the latest version of OPNsense. I have set up an OpenVPN instance. If I use OpenVPN Connect, I see that it uses AES256-GCM. No errors.

But if I use the OpenVPN client v2.6.12 (Community edition), it gives the following error, but it connects successfully.

Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.

In the server logs, when the client is connected, it shows that the client uses AES-256-GCM.

openvpn_server1 xxx.xxx.xxx.xxx:55396 Data Channel: cipher 'AES-256-GCM', peer-id: 0
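An added example, not part of the original report or of OPNsense's code: a small check that reads an exported client profile and reports which cipher directives (`cipher`, `data-ciphers`, `data-ciphers-fallback`) it actually sets. The sample profile, the host name and the function names are constructed for illustration, and the rule that the note above appears when neither `cipher` nor `data-ciphers-fallback` is set is an assumption based on the note's wording.

```python
import shlex

# Constructed sample of an exported client profile (not taken from the issue).
SAMPLE_PROFILE = """\
client
dev tun
remote vpn.example.test 1194
# cipher AES-256-GCM   (commented out, must be ignored)
<ca>
-----BEGIN CERTIFICATE-----
cipher-looking text inside an inline block is not a directive
-----END CERTIFICATE-----
</ca>
"""

CIPHER_DIRECTIVES = ("cipher", "data-ciphers", "data-ciphers-fallback")

def parse_directives(text):
    """Return {directive: [args]}, skipping comments and inline <tag> blocks."""
    found, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:                       # inside <ca>, <cert>, <key>, ...
            if line == f"</{inline}>":
                inline = None
            continue
        if not line or line[0] in "#;":  # full-line comments
            continue
        if line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
            continue
        parts = shlex.split(line, comments=True)
        if parts:
            found[parts[0].lstrip("-")] = parts[1:]  # accept "--option" form too
    return found

def audit_cipher_settings(text):
    d = parse_directives(text)
    report = {name: d.get(name) for name in CIPHER_DIRECTIVES}
    offered = (d.get("data-ciphers") or [""])[0].split(":")
    fallback = d.get("data-ciphers-fallback") or d.get("cipher") or []
    # Assumption: the note is printed when neither directive names a cipher.
    report["expect_cipher_note"] = not fallback
    report["allows_bf_cbc"] = "BF-CBC" in [c.upper() for c in offered + fallback]
    return report

if __name__ == "__main__":
    print(audit_cipher_settings(SAMPLE_PROFILE))
```

Running it against a freshly exported profile before distributing it shows whether the client will rely on its built-in defaults for cipher negotiation or on an explicit list.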

fichtner commented 3 hours ago

Forum discussion for reference: https://forum.opnsense.org/index.php?topic=42914.0