To improve level of service, security, availability, resilience and performance, we are upgrading our network and infrastructure. It may require some configuration change depending on your setup to continue to use our services.
OpenVPN ECC and AES-256-GCM
We have had OpenVPN servers offering Elliptic Curve Cryptography (ECC) for 2 years now. ECC offers higher performance and security compared to widely used RSA. We will continue to support RSA for older devices and routers but we suggest ECC on newer devices. Data encryption will default to AES-256-GCM on all servers and fall back to AES-256-CBC on older OpenVPN.
What will Change?
OpenVPN Certificates, keys and server IP’s in few locations. We are also looking to replace server IP’s in many other locations.
ECC require OpenVPN 2.4 or higher. This is preferred on all devices that either support or running newer OpenVPN software. Use RSA servers if you have an older device or unable to upgrade to a newer OpenVPN version.
80 100 443 1109 * 8000 *
53 * (4096 bit) 1194 (2048 bit) 8292 * (4096 bit)
* Note: There is no change to servers running on port 53, 8000 and 8292. These will continue to work without needing any configuration change.
We will begin the upgrade on Saturday, March 9th, 2019 at 10am EST and expect to complete by 10pm EST.