Jump to content
Nytro

OpenVPN for paranoids

By Nytro, in Tutoriale in engleza

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

OpenVPN for paranoids

Tue 17 November 2015

By Victor Dorneanu

Continuing my admin series this time I'd like to setup a VPN using OpenVPN as user-based VPN solution. Unlike IPSec solutions which require IPSec on both (server and client) sides, securing the VPN tunnel by OpenSSL is a more preferable option.In this post I'll try to show which steps have to be taken in order to:

  • secure the communication channel
  • use up-to-date (and secure!) TLS configurations
  • prevent information leaks when the VPN tunnel is down

At least for the last one some additional steps are required to route your traffic only through the VPN tunnel. As a client you don't want your connection to be "downgraded" (in terms of security) without even realizing it. That's why you might want to restrict your routes and allow outbound connection only through the (virtual) interface dedicated to the VPN. How this is done and which methods exist, is covered later on.

Articol complet: OpenVPN for paranoids - blog.dornea.nu

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...