We are rolling out an upgrade to our OpenVPN server – replacing a primary/backup configuration with a high availability cluster of servers. If the primary server ever goes down, a secondary one can immediately take over and continue to serve traffic as normal.
We are mitigating the VORACLE attack vulnerability at the same time (CLICK HERE) by disabling compression. This is now deprecated and will be removed from OpenVPN soon. This is to protect against a hard to exploit but theoretical idea that you can extract certain information from encrypted traffic by how well it compresses. Unfortunately, this change means that existing client configurations can’t automatically connect to the new servers as compression is explicitly specified.
All clients connecting will need to download a new OpenVPN profile containing the new server addresses and without compression specified. Click HERE to begin this process – you need to know your VPN username and password. This will connect you to our new servers and you’ll be ready to go.
If you would prefer, you can manually edit your config file, changing ‘openvpn.anu.net’ to ‘vpn.anu.net’ and removing any line stating ‘compress lzo’ or ‘comp-lzo’.
We plan to keep our old OpenVPN server running for 6 months – it will be shut down Monday, 10th October 2022 at 12 noon.
If you have any questions or need any assistance, do not hesitate to get in touch with us by emailing firstname.lastname@example.org or opening up a live chat at https://anu.net.