Viscosity and openvpn-strong-tcp

quinnmacdonaldquinnmacdonald
edited July 2016 in Mac OS X VPN Setup
I'm been using Viscosity (currently 1.6.4) for a year or so now on OS X. Works great. I noticed today PIA offers 3 versiosn of their config files - recommended config files, "openvpn-strong" and "openvpn-strong-tcp". Can someone explain the difference between the default config files and "openvpn-strong-tcp" ones?

Comments

  • aviteksaviteks
    I had wondered the same thing...here's an explanation by Daniel O:

    We offer five different sets of config files for OpenVPN. Each set of files is equally secure, they are different only in how they connect. These files can be found on our Client Support Page. Alternatively, you can click on the name of the config files below to download the files. The differences between each set of config files is detailed below.

    OPENVPN CONFIGURATION FILES (DEFAULT) -- These are the default configs. The connect over UDP port 1194, using the server name to connect.  

    OPENVPN CONFIGURATION FILES (IP) -- These files use UDP port 1194 to connect over, and connect via an IP address for the server instead of the server name.

    OPENVPN CONFIGURATION FILES (IP-LPORT) -- These files connect over UDP port 8080 and local port 53 in order to bypass some restrictive firewall configurations. They also connect using the IP address of the server instead of the server name. 

    OPENVPN CONFIGURATION FILES (TCP) -- These files connect over TCP port 443 instead of UDP ports. TCP ports are often less restricted than UDP ports, and this can allow for connection on networks like your University or workplace. These connect with the server name, and not an IP address.

    OPENVPN CONFIGURATION FILES (IP-TCP) -- These files use TCP port 443 instead of UDP, and connect via an IP address of the server instead of the server name. These are the most flexible configs, and will connect on almost any network.

    This is the link: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/218984968-What-is-the-difference-between-the-OpenVPN-config-files-on-your-website-


  • doaksdoaks
    edited August 2016
    Hi Quinn,

    The strong file uses AES-256 and SHA-256 encryption and authentication, rather than AES-128 and SHA-1 as is done in the standard files. The strong-tcp file does the same, but uses TCP rather than the UDP protocol.

    For most people, the standard files are fine. The strong files just give you the ability to use stronger encryption if you so wish.

    I do need to do some updates on that page to account for the new strong configurations, thanks for pointing that out Aviteks. I'll add that to my todo list and push some updates to it soon to go over these strong files too (and properly take our latest changes into account).
  • will62will62
    That's good news. 
    Mine was working fine but now the only way I can connect is to lower my router firewall to low and then funny things start to happen on my computer like windows opening that I didn't open, setting changes, my storage partition wiped completely etc; When I go back to high on the router firewall none of the configurations will connect.  The old config I used was tcp on port 443 but it was stored on my storage partition so now I can't connect at all. 
  • Dittoman1Dittoman1
    will62 said:
    That's good news. 
    Mine was working fine but now the only way I can connect is to lower my router firewall to low and then funny things start to happen on my computer like windows opening that I didn't open, setting changes, my storage partition wiped completely etc; When I go back to high on the router firewall none of the configurations will connect.  The old config I used was tcp on port 443 but it was stored on my storage partition so now I can't connect at all. 
    I ve been told to leave port blank on udi?? is that right??
Sign In or Register to comment.