How to secure OpenVPN Access Server One-Click App connection
Linode
Linode Staff
I just deployed a Linode with the OpenVPN Access Server One-Click App. How do I configure OpenVPN to run over SSL to ensure the connection is secure?
1 Reply
By default, the OpenVPN Access Server One-Click App is configured for traffic over ports 443/TCP and 1194/UDP. If you want to ensure your traffic is encrypted, just configure your OpenVPN client to use TCP port 443 (a certificate is configured for you during install).
You can confirm this by running
sudo netstat -pluntin your terminal (installable withsudo apt-get install net-toolsif you don't have it) or on the OpenVPN admin page.
The OpenVPN Administrator Guide recommends configuring the system via the OpenVPN admin page, but the files for manual configuration can be found in /usr/local/openvpn-as/
/usr/local/openvpn_as# ls -l
total 100
drwxr-sr-x 2 root root 4096 Aug 31 11:56 bin
drwxr-xr-x 10 root root 4096 Aug 31 11:56 etc
-rw-r--r-- 1 root root 470 Aug 8 18:46 exports
drwxr-sr-x 3 root root 4096 Aug 31 11:56 include
-rw-r--r-- 1 root root 11284 Aug 31 11:57 init.log
drwxr-sr-x 6 root root 4096 Aug 31 11:56 lib
-rw-r--r-- 1 root root 54355 Aug 31 11:56 license.txt
drwxr-sr-x 2 root root 4096 Aug 31 11:56 sbin
drwxr-sr-x 2 root root 4096 Aug 31 11:56 scripts
drwxr-sr-x 2 root root 4096 Aug 8 18:46 tmp
If you've got additional needs for security, I'd start by checking out OpenVPN's guide on this:
https://openvpn.net/community-resources/hardening-openvpn-security/