rajasekarramasamy
asked on
Security settings for OpenVPN client.
I am using Linux pc as a OpenVPN client. I want to know how to protect my VPN client from hackers.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I need number2. Is there any ip tables rules for OpenVPN Client to increase more security?
iptables will only prvent unauthorized access to your system
rules is
block every port
then open one by one
so in open vpn server, if you want more security, then block every incomming port
then open only selected port,
if you just want to keep open port for open vpn, then just add rules to open port for open vpn
i guess its 1723
you said you want number2, that mean, you need a secure tunnel between client and vpn server right ?? then you will have to implement ssl
rules is
block every port
then open one by one
so in open vpn server, if you want more security, then block every incomming port
then open only selected port,
if you just want to keep open port for open vpn, then just add rules to open port for open vpn
i guess its 1723
you said you want number2, that mean, you need a secure tunnel between client and vpn server right ?? then you will have to implement ssl
ASKER
>>>>>>>>you said you want number2, that mean, you need a secure tunnel between client and >>>>>>>>vpn server right ?? then you will have to implement ssl
By default SSL is implement in Openvpn. Is there any things need to be done for client side?
By default SSL is implement in Openvpn. Is there any things need to be done for client side?
As far I know, no, open vpn is secure by itself with extra layer of ssl... , i am not seeing anything what else could be done ...
what you meant by securing..
i understand you have install openvpn as Vpn server and client is accessing that via open vpn client
Here 2 thing
1.securing your openvpn server ( which would be class as securing your linux server)
2. securing the open vpn connection vpnserver -> client
if you want number 2, then its secure anyway but if you have sensitive data then you can implement ssl base connection between vpn server and vpn client
but if you want number 1, then there is too much things to do