Hardening the openvpn security

I have configured my openvpn with the following security as mention below. I am using my openvp as routed vpn. Is there any other option to increase my oprnvpn security?

chroot
user nobody
group nobody
tls-auth ta.key 0
tls-auth ta.key 1
cipher AES-256-CBC
ns-cert-type server
rajasekarramasamyAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
ravenplConnect With a Mentor Commented:
That's pretty secure, but
- add crl, so You can revoke client's cert ant any time
- You can add additional user/pass authentication and require to match cert's cname and username (if available); don't cache them at the client's side
- run the server on non-standard and privileged port (<1024)
0
All Courses

From novice to tech pro — start learning today.