So I was traveling on Saturday and needed to connect to my VPN. Unfortunately, my vpn would not connect. When I got home I discovered I had two problems. First, the gui upgrade on my PFSense box had not fully upgraded everything. The fix for this is pretty straightforward: Access a shell on PFSense and run pfSense-upgrade -d. This upgraded OpenVPN on the device to 2.5 (I believe the current version as of this writing).
Then I had another problem. I was getting this error message:
The solution is to go into settings for the app (hamburger button in the upper left corner, then settings and de-select AES-CBC Cipher Algorithm. This setting can break the VPN connection if you are using TLS 1.3 because 1.3 does not support AES-CBC.
I did not have an easy time finding help with this issue online, so I am writing this in the hopes that it is found by someone else needing help.
Musings of An Information Security Professional 