View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Is security necessary on a vpn server?
Log in to Ask a Question

Is security necessary on a vpn server?

general

Hi,

I am using openvpn on Linode 1GB. I installed it on Debian 6. It works fine. But articles I read on the internet about how to setup vpn server don't mention about the server security. I also asked some other places about this but couldn't get satisfactory reply.

Do you think something extra needs to be installed or applied to server? I updated debian to latest version and then I installed openvpn. I have some iptables rules to forward traffic to my computer and blocked ssh port from outside, but I can login from Linode Manager. Is this enough for personal use?

3 Replies

There's this article in the Linode Library but it's for Debian 7, still you might find some useful information:

https://library.linode.com/networking/o … 04-precise">https://library.linode.com/networking/openvpn/ubuntu-12.04-precise

I did all of them except dnsmasq(i'm using 3rd party dns). Also I added couple of iptable rules.

Other than security of vpn, can someone access to my server? I scanned server IP via a vulnerability scanner and report says that all ports are closed except udp ports. Do you think this can cause a risk?

The main thing to consider is that the general public should not have access to your VPN. This is accomplished by keeping the private keys from the PKI secure. You may have configured your server to be more permissive inside the VPN, and this could also extend the local Linode network (192.168.128.0/17). You also want to prevent unacceptable behavior from passing through and appearing to originate from your Linode.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct