Hello there,
Hope you are doing. So I have my OpenVPN configured and ready to rock (it works as intended). My next plan is to improve security after connecting to VPN.
What I have:
So, with this configuration, I can access everything inside my network, from anywhere in the world.
Since OpenVPN relies only on certificates, without authentication or another method to log in, I would like to know what you did to improve safety with your VPN.
So, my questions are:
Thanks for your input!
Hope you are doing. So I have my OpenVPN configured and ready to rock (it works as intended). My next plan is to improve security after connecting to VPN.
What I have:
- Forwarded port 1194 in the router;
- FW Rules:
Code:
ipfw -q -f flushipfw -q nat 1 config if re0 ipfw -q add nat 1 all from 10.20.0.0/24 to any out via re0 ipfw -q add nat 1 all from any to any in via re0
- Additional Params:
Code:
push "redirect-gateway def1" push "remote-gateway MY ADDRESS" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" duplicate-cn
So, with this configuration, I can access everything inside my network, from anywhere in the world.
Since OpenVPN relies only on certificates, without authentication or another method to log in, I would like to know what you did to improve safety with your VPN.
So, my questions are:
- Did anyone successfully restrict access only to specific NAS IP and JAILS you want to access? If so, how? I have other devices connected to the network that I don't want given access while connected to VPN;
- It's possible to restrict access to a range of IP's from a designated country only?
- Any other way to add another layer of authentication to OpenVPN besides certificate?
Thanks for your input!