NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

JBX_Industries's avatar
JBX_Industries
Guide
Feb 04, 2026

SXR80 VPN Stuck in Connecting...

Greetings,

 

I setup the VPN service on our SXR80 with the latest firmware (V4.3.3.200). Our VPN connections were working fine for a while until recently. Now OpenVPN when using the connection for our VPN, show as constantly connecting. The Firmware hasn't changed as it has been the last one they made before they stopped working on them. The client configuration files haven't changed. So Why can't it complete a connection? I am getting this message on the connections. 

 

"Wed Feb  4 16:16:36 2026 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Wed Feb  4 16:16:36 2026 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations. "

 

We were getting these messages before but the connection was still made. Did OpenVPN change or did the firmware change or something else?

SXR80

3 Replies

  • schumaku's avatar
    schumaku
    Guru - Experienced User
    Feb 19, 2026

    This is caused by a newer OpenVPN client while retaining the old configuration files on both the client -and- the server side (here the no longer maintained SXR80).

     

    ===

     

    This OpenVPN warning indicates that data received from the server is compressed, creating a potential security vulnerability (VORACLE) where encrypted data can be exposed. While sent packets are safe, this warning advises disabling compression, as it is deprecated. To resolve, remove comp-lzo or compress options from both server/client configs.

     

    How to Fix the WARNING:

    • Best Solution: Remove all comp-lzo and compress commands from both your client .ovpn file and the server configuration.
    • Temporary Workaround: Add allow-compression yes to your client configuration file, though removing compression entirely is preferred.
    • Server Side: If you control the server, ensure compression is disabled to prevent sending compressed data.

    This warning means the server is trying to send compressed data, but the client is not configured to do so securely. The risk is that an attacker can exploit the compression ratio to potentially infer the content of the data, which is known as the VORACLE attack.

     

     

    Mstrbig wrote:

    The latest firmware is V4.3.3.300. Maybe try that?

     

    Not according to the release notes stating only:

     

    • Upgraded the cloud certificate

     

    JBX_Industries wrote:

    Our VPN connections were working fine for a while until recently. 

     

    .... before you had updated the OpenVPN client(s) on your computer(s) one might guess?

  • FURRYe38's avatar
    FURRYe38
    Guru - Experienced User
    Feb 18, 2026

    Had this been working after v.200 FW was applied? 

     

    Is the OpenVPN an external service you are using? Might contact them and ask if they can help as well. 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More