Hardening the openvpn security

I have configured my openvpn with the following security as mention below. I am using my openvp as routed vpn. Is there any other option to increase my oprnvpn security?

chroot
user nobody
group nobody
tls-auth ta.key 0
tls-auth ta.key 1
cipher AES-256-CBC
ns-cert-type server
rajasekarramasamyAsked:
Who is Participating?
 
ravenplConnect With a Mentor Commented:
That's pretty secure, but
- add crl, so You can revoke client's cert ant any time
- You can add additional user/pass authentication and require to match cert's cname and username (if available); don't cache them at the client's side
- run the server on non-standard and privileged port (<1024)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.