OpenVPN server config needed

In Progress Posted 4 years ago Paid on delivery

$10-30 USD

Paid on delivery

In Progress Paid on delivery

Im running openVPN server on debian 9 that is used by 300~ users.

To authenticate im using radius plugin +sql.

I need a man who will point out weak points of my server/client config and tell me how to improve it

server

port 1194

proto udp

dev tun

user nobody

group nogroup

persist-key

persist-tun

keepalive 10 120

topology subnet

server [login to view URL] [login to view URL]

ifconfig-pool-persist [login to view URL]

push "dhcp-option DNS 1.0.0.1"

push "dhcp-option DNS 1.1.1.1"

push "redirect-gateway def1 bypass-dhcp"

dh none

ecdh-curve prime256v1

tls-crypt [login to view URL] 0

crl-verify [login to view URL]

ca [login to view URL]

cert [login to view URL]

key [login to view URL]

auth SHA256

cipher AES-128-GCM

ncp-ciphers AES-128-GCM

tls-server

tls-version-min 1.2

tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256

status /var/log/openvpn/[login to view URL]

log /var/log/openvpn/[login to view URL]

mute 20

duplicate-cn

explicit-exit-notify 1

verb 5

client

proto udp

remote IPv4 1194

dev tun

resolv-retry infinite

nobind

persist-key

persist-tun

remote-cert-tls server

verify-x509-name server_C1g7yujWoZkpCgVq name

auth SHA256

auth-nocache

cipher AES-128-GCM

tls-client

tls-version-min 1.2

tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256

auth-user-pass [login to view URL]

setenv opt block-outside-dns # Prevent Windows 10 DNS leak

mute-replay-warnings

verb 4

<ca>

-----BEGIN CERTIFICATE-----

xx

-----END CERTIFICATE-----

</ca>

<cert>

-----BEGIN CERTIFICATE-----

xx

-----END CERTIFICATE-----

</cert>

<key>

-----BEGIN PRIVATE KEY-----

xx

-----END PRIVATE KEY-----

</key>

<tls-crypt>

#

# 2048 bit OpenVPN static key

#

-----BEGIN OpenVPN Static key V1-----

xx

-----END OpenVPN Static key V1-----

</tls-crypt>

Linux MySQL OpenVPN Shell Script Software Architecture

Project ID: #19447054

About the project

2 proposals Remote project Active 4 years ago

Looking to make some money?

Benefits of bidding on Freelancer

Set your budget and timeframe
Get paid for your work
Outline your proposal
It's free to sign up and bid on jobs

Awarded to:

dnickel80's Profile Picture
dnickel80

Hello friend. The configs are only a small part of the security of a vpn server. You need to make sure you harden the OS, server firewall is locked down and then look at securing the config.

$30 USD in 1 day
(3 Reviews)
3.0

2 freelancers are bidding on average $30 for this job

inovativeeyes's Profile Picture
inovativeeyes

Hello I will configure OpenVPN server on debian 9 that is used by 300~ users. I am having expertise in Linux, MySQL, OpenVPN, Shell Script, Software Architecture Kindly get back to me Thanks vijay

$30 USD in 1 day
(19 Reviews)
4.9
Post a project like this