VPN TLS Too Weak


GWN7000 with firmware
Encryption Algorithm AES-256-CBC
Digest Algorithm SHA256

According to newest firmware release it should have support for TLS 1.2. I just setup a VPN with 2 clients as a test 1 laptop and 1 android 11.

On the laptop I’m using the official OVPN app current version 3.3.6 (latest) and on the android its version 3.2.5 (latest).

They both connect and work but it seem like the GWN7000 is using TLS1.0 or below and there is no option to select TLS version. I would like to use at minimum TLS1.2

Maybe I made a misconfiguration on the VPN setup but I did not see any TLS option. any help or advise is much appreciated.


According to the F/W release notes TLS 1.2 was added in version, but I suspect that it is not just a VPN setting so you may have to look around a bit.

I would look for you, but I removed the few I ever installed a while back.


When I have time I will go at it again. I used the client directive tls-version-min to tls1.1 and tls1.2 and the client gave me a complaint that the server tls version is too weak, so I change the client to a minimum of tls1.0 and connection successful. For now my android and laptop with use what is tls available now.