OpenVPN Cloud is now CloudConnexa® — learn more here.
At OpenVPN, we’re continually improving and enhancing our products. We’re pleased to announce that the new OpenVPN Connect app for Windows delivers faster data speeds and improved security for CloudConnexa (formerly known as OpenVPN Cloud) users.
The new OpenVPN Connect app for Windows (3.4.0), when used with a DCO-compatible service or our Cloud Connexa service, gives you the ability to improve data speeds with Data Channel Offload (DCO).
And the latest version of the OpenVPN Connect for Windows isn’t just faster; it’s more secure, too, thanks to an update to OpenSSL 3.0 and disabling of insecure ciphers.
DCO is disabled by default, but it’s easily enabled in the app settings. The deprecated, insecure ciphers are disabled by default, but to ensure ease of use before and during migration, an app setting to enable them is available. The support of DCO in our Windows app is in Beta and can only be used without legacy cipher support.
Windows has traditionally run on machines that are powered by x86 / x64 processors, but more recently, it also runs on devices powered by Arm processors. This new updated app is now compatible with Windows running on x86 compatible Arm devices. Note that DCO support will not be installed on an Arm device.
Good to Know: OpenVPN 2.6.0, recently released by the OpenVPN Community Project, also supports DCO.
OpenVPN Connect works with OpenSSL to create secure connections, and the latest version of OpenSSL disables deprecated ciphers.
Recommended Reading: We Now Have OpenVPN Data Channel Offload: Here's What That Means
Good to Know: Because OpenVPN Connect for Windows supports OpenSSL 3.0, which has disabled deprecated ciphers like the BF-CBC cipher (among others), it can't be used with legacy cipher support. CloudConnexa isn’t affected, but we recommend that Access Server users operating older installations that rely on the BF-CBC cipher upgrade both server and client software.
The latest version of OpenVPN Connect for Windows provides users three important benefits:
This release includes a major update to the OpenVPN and OpenSSL libraries, with support of legacy ciphers, as well as an exciting new Data Channel Offload (DCO) feature that significantly accelerates VPN tunnel traffic.
Previous versions of Connect for Windows, versions without DCO, required back-and-forth traffic data copying between OpenVPN and the operating system (OS) network layers. This produced extra workload with the potential for bottlenecks. With the introduction of DCO, data can be processed in the OS using our Windows for DCO driver on OpenVPN Connect v3.4 for Windows.
In addition to the new DCO feature, this release marks our move to OpenSSL3. Improvement to the OpenSSL3 library itself will now disable, by default, some legacy ciphers and others that are considered insecure.
Please note that this will have no noticeable effect on CloudConnexa and Access Server users unless older installations relying exclusively on the deprecated BF-CBC cipher are in use.
For the latter we strongly recommend upgrading both servers and clients software to take advantage of the new, more secure ciphers such as AES-256-GCM. However, if you choose to continue using the deprecated ciphers, you can enable those designated as “legacy” or “insecure” in the OpenVPN Connect app settings.
These updates are just the latest in our ongoing effort to offer businesses an affordable cloud-delivered service that integrates virtual networking with essential security capabilities.
Good to Know: To get the highest performance possible from DCO, we recommend you use CloudConnexa.
Recommended Reading: How To Implement the OpenVPN Data Channel Offload on Linux.
The Data Channel Offload (DCO) function is OFF by default; remember to turn it ON in the OpenVPN Connect application settings. You can download OpenVPN Connect for Windows here.
Ready to take your business to the next level with CloudConnexa? Work from anywhere and from any device with confidence. Create an account today for three free connections and the secure network connectivity your business needs.