WARNING
This solution is only for users who cannot upgrade the VPN server. If you have admin access to your VPN server, please upgrade it and generate new keys, otherwise you will lose VPN security!
You need to add the following options in your OpenVPN config file:
tls-cipher "DEFAULT:@SECLEVEL=0"
remote-cert-tls server
This seems to not be possible with the network-manager GUI tool (correct me if I'm wrong), so you need to export your network-manager config to a file using this command:
nmcli c export MyVPN > ~/myvpn.ovpn
Then add the two options mentioned above to the end of the file, and launch openVPN from command line using this command:
sudo openvpn --config ~/myvpn.ovpn
Once you verify that the connection is working again, you can import back your unpdated configuration file and continue to use the Network Manager to setup the tunnel (thanks Eineki):
nmcli c import type openvpn file myvpn.ovpn
sudo nmcli c import type openvpn file <name or your .ovpn file>
and continue to use the Network Manager to setupp the tunnel – Eineki Nov 03 '18 at 19:52use this network only for resources on its network
but if i do that with the UI it will override the vpn settings – Neji Soltani May 30 '19 at 14:51tls-cipher "DEFAULT:@SECLEVEL=0"
andremote-cert-tls server
lines to the end of my ovpn file and then importing again in network manager worked. – Punit Naik Jun 12 '22 at 20:02