Solved

Hardening the openvpn security

Posted on 2009-03-30
1
514 Views
Last Modified: 2013-12-16
I have configured my openvpn with the following security as mention below. I am using my openvp as routed vpn. Is there any other option to increase my oprnvpn security?

chroot
user nobody
group nobody
tls-auth ta.key 0
tls-auth ta.key 1
cipher AES-256-CBC
ns-cert-type server
0
Comment
Question by:rajasekarramasamy
1 Comment
 
LVL 43

Accepted Solution

by:
ravenpl earned 50 total points
ID: 24026313
That's pretty secure, but
- add crl, so You can revoke client's cert ant any time
- You can add additional user/pass authentication and require to match cert's cname and username (if available); don't cache them at the client's side
- run the server on non-standard and privileged port (<1024)
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

1 Experts available now in Live!

Get 1:1 Help Now