Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Hardening the openvpn security

Posted on 2009-03-30
1
Medium Priority
?
586 Views
Last Modified: 2013-12-16
I have configured my openvpn with the following security as mention below. I am using my openvp as routed vpn. Is there any other option to increase my oprnvpn security?

chroot
user nobody
group nobody
tls-auth ta.key 0
tls-auth ta.key 1
cipher AES-256-CBC
ns-cert-type server
0
Comment
Question by:rajasekarramasamy
1 Comment
 
LVL 43

Accepted Solution

by:
ravenpl earned 150 total points
ID: 24026313
That's pretty secure, but
- add crl, so You can revoke client's cert ant any time
- You can add additional user/pass authentication and require to match cert's cname and username (if available); don't cache them at the client's side
- run the server on non-standard and privileged port (<1024)
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question