VPN Provider - How to go from legacy client to client instance

[Arno]

Hi everyone,

For my internet access I use a well known OpenVPN provider. Muliple legacy clients (for multiple countries) are configured. Works fine. How do I go from legacy clients to client instances?

[DEC670airp414user]

Follow the same steps.    I've moved entirely to instances and have noticed a slight performance increase

[Arno]

Do I have to use the Authority of the VPN provider? Can't select it in the Trust section when creating a client instance.

Role: Client
Protocol: UDP
Type: TUN
Remote; <vpnserver>:<port>
User: xxxxx
Password: xxxxx

What else?

[DEC670airp414user]

Yeah everything you used before

VPN- openvpn- instances - static keys lists auth

[dseven]

One thing I've not found a way to do with OpenVPN instances is specify "data-ciphers". I occassionally use a VPN provider that's probably not keeping their server side up to date, and requires AES-256-CBC. I can hack around it with Advanced configuration in legacy clients, but that mechanism (custom options) is not available with instances, as apparently it's been deemed insecure.

[Crocogator]

I ran into a similar issue when switching from legacy configs to instances. Most things carried over without any problems, but I hit a snag with older providers that still needed specific ciphers like AES-256-CBC. Couldn't find a clean way to handle that directly in the instances UI either, so I ended up sticking to legacy on a couple profiles that needed the extra settings. Wish they gave more flexibility on custom options in the new setup. For something similar with less hassle and more control, I've started using Xenaps Services occasionally. They don't mess around with strict KYC, and it's been smooth for managing different tools and VPN setups.