Orbi Firmware Upgrades Not Keeping Up With OpenVPN Security Standards

Why Netgear does (or does not do) anything is not something any member of the Community forum has insight into. 

What we can do is offer suggestions for how to make use of the product.  For example, I connected a Windows 10 laptop to the internet (using a cell phone Hot Spot via LTE data) and used OpenVPN Connect 3.3.7 (2939) to connect with an RBR50.  As the attached log file shows, it worked correctly.  OpenVPN Connect prompted that an update was available, so I updated the Windows app to 3.4.3 (3337).  The next attempt to connect failed. (see log file). OpenVPN connect claimed there were "problems" and did not specify what they were:

OpenVPN Connect 3.4.3 (3337) on Windows 10, Feb 13

[Feb 13, 2024, 15:43:22] OpenVPN core 3.8.2connect3 win x86_64 64-bit OVPN-DCO built on Dec  1 2023 16:39:43

⏎[Feb 13, 2024, 15:43:22] Frame=512/2112/512 mssfix-ctrl=1250

⏎[Feb 13, 2024, 15:43:22] NOTE: This configuration contains options that were not used:

⏎[Feb 13, 2024, 15:43:22] Unsupported option (ignored)

⏎[Feb 13, 2024, 15:43:22] 5 [resolv-retry] [infinite]

⏎[Feb 13, 2024, 15:43:22] 7 [persist-key]

⏎[Feb 13, 2024, 15:43:22] 8 [persist-tun]

⏎[Feb 13, 2024, 15:43:22] 17 [route-method] [exe]

⏎[Feb 13, 2024, 15:43:22] UNKNOWN/UNSUPPORTED OPTIONS

⏎[Feb 13, 2024, 15:43:22] 3 [dev-node] [NETGEAR-VPN]

Thus it would appear that if OpenVPN Connect is the tool being used, one way to address this issue is to reinstall the previous version 3.3.7 (2939).

This Windows 10 laptop has OpenVPN GUI installed as well, v2.6.2, Mar 24, 2023.  The tap connection worked, but the tun connection failed.  Version 3 of OpenVPN dropped support for tap connections, so I kept 2.6.2 installed specifically to look at how tap behaves differently than tun.  I have not spent any time diagnosing "what's wrong" since the Open VPN Connect app was working - until I went and upgrade it - damn.

The tap connection that worked spit out the same error messages you noticed, but it still connected:

2024-02-13 16:03:59 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-02-13 16:03:59 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations.
2024-02-13 16:03:59 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2024-02-13 16:03:59 OpenVPN 2.6.2 [git:v2.6.2/3577442530eb7830] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Mar 24 2023

I agree totally that it is annoying when vendors do not keep products up-to-date.  Heck, Netgear has only 19 Orbi router models (and ?? Nighthawk models).  How long could it take for some intern to update the OpenVPN software on all of them? (and test it, maybe)

My advice: find a version of OpenVPN that "works".