How To secure your OpenVPN configuration

There are many traps when it comes to the OpenVPN configuration your VPN provider offers. In this short tutorial I will show you what you need to know and which points are really important to look at.

OpenVPN configuration hardening

How to edit an OpenVPN configuration file?

If the VPN provider offers a .openvpn configuration file, you can simply edit it with any text editor you like: the file is just a plain text file with another extension so that most OpenVPN client software and routers can read it.


What are the important points?

Keep in mind that the following configuration is not supported by every VPN provider. This means you might get an error or be unable to connect to your VPN; in that case you need to research which methods your provider supports.

  • You should check if your processor has AES-NI instructions. If it does, the key exchange should be protected from SPA (Simple Power Analysis) and DPA (Differential Power Analysis) attacks, and AES will be a lot faster.
  • If this is your own server, you should use at least a 4096-bit RSA keypair; 2048 bits is becoming weak (looking into the future). However, 4096 bits is overboard: 2048-bit RSA with AES-256 is currently uncrackable and will be until at least 2030, which is also the reason most VPN providers are still using 2048 bits. Using 4096 bits would give only a minute number of users an actual benefit while being a hindrance and inconvenience for 99.999999% of users. 3072-bit RSA with AES-256 will be uncrackable until at least 2050+ by consumers, and may possibly be crackable by a server farm by then, but even that's iffy. Even then, PFS via DHE would still guarantee that if one VPN session were decrypted, it would likely be inconsequential, since every additional session would have to be decrypted with a different key. Simply disconnecting and reconnecting to the VPN every 30 min would give the paranoid a better solution. The NSA & DoD use 2048-bit RSA with AES-192, which has been acceptable for use until ~2020 IIRC; they at least write it down in their own public "memorandum on encryption". According to their documents, 128 bits is equivalent to RSA 3072, which is currently fine and does not waste many resources for nothing.
  • The currently supported parameters can be found on the official man page.

# Use at least version 1.2 of TLS!

tls-version-min 1.2

# Use ECDHE (Elliptic curve Diffie-Hellman) for the key exchange, RSA for authentication and AES-256-GCM-SHA384, which is authenticated by Galois/Counter Mode, with SHA384 for the handshake

tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384

# Use AES-256-CBC (Cipher Block Chaining) for data encryption

cipher AES-256-CBC

# Use SHA512 to authenticate the encrypted data

auth SHA512

# Renegotiate the encryption keys every minute

reneg-sec 60

# Using tls-cipher together with tls-version-min is not needed and seems to be a bug in OpenVPN. Note that a bare "tls-cipher" line without an argument is invalid and makes OpenVPN reject the configuration, so leave it commented out:
# tls-cipher

# You can manually define the ECDH curve with "ecdh-curve <name>"; "show-curves" only prints the list of curves your build supports and then exits

show-curves

# Prevent possible DNS leaks (Windows clients only)

block-outside-dns
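To confirm that the directives above actually took effect, the negotiated parameters can be read back from the client log. The following Python script is an added example, not code from the original post or from the OpenVPN project; the log lines in it are constructed and modelled on OpenVPN 2.4 client output, and the target values are the guide's own (TLS 1.2, an (EC)DHE suite, AES-256-CBC with SHA512).

```python
"""Read back from the client log what OpenVPN actually negotiated.

Added example, not code from the original post or from the OpenVPN project.
The log lines are constructed, modelled on OpenVPN 2.4 client output; the
regexes ignore the timestamp prefix, so real log lines can be fed in as-is.
"""
import re

# Constructed log of a client that got the hardened settings of this guide.
GOOD_LOG = """\
Fri Jan  1 12:00:02 2021 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Jan  1 12:00:02 2021 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Fri Jan  1 12:00:02 2021 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Jan  1 12:00:02 2021 Initialization Sequence Completed
"""

# Constructed log of a client that fell back to legacy settings.
WEAK_LOG = """\
Fri Jan  1 12:00:02 2021 Control Channel: TLSv1.0, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
Fri Jan  1 12:00:02 2021 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jan  1 12:00:02 2021 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jan  1 12:00:02 2021 Initialization Sequence Completed
"""

CONTROL_RE = re.compile(
    r"Control Channel: TLSv([\d.]+), cipher \S+ (\S+), (\d+) bit (\w+)")
DATA_CIPHER_RE = re.compile(
    r"(?:Outgoing Data Channel|Data Channel Encrypt): Cipher '([^']+)'")
DATA_AUTH_RE = re.compile(
    r"(?:Outgoing Data Channel|Data Channel Encrypt): Using \d+ bit message hash '([^']+)'")


def negotiated(log):
    """Collect the negotiated parameters into a dict (absent key = not logged)."""
    out = {}
    for line in log.splitlines():
        m = CONTROL_RE.search(line)
        if m:
            out["tls_version"] = m.group(1)    # e.g. "1.2"
            out["tls_cipher"] = m.group(2)     # OpenSSL-style suite name
            out["key_bits"] = int(m.group(3))  # server certificate key size
            out["key_type"] = m.group(4)       # "RSA" or "EC"
        m = DATA_CIPHER_RE.search(line)
        if m:
            out["data_cipher"] = m.group(1)
        m = DATA_AUTH_RE.search(line)
        if m:
            out["data_auth"] = m.group(1)
    return out


def check(log, min_tls="1.2", want_cipher="AES-256-CBC",
          want_auth="SHA512", min_rsa_bits=2048):
    """Compare the negotiated parameters with the guide's targets; return problems."""
    n = negotiated(log)
    if "tls_version" not in n:
        return ["no 'Control Channel:' line found (try a higher verb level)"]
    problems = []
    tls = float(n["tls_version"])
    if tls < float(min_tls):
        problems.append("control channel negotiated TLS %s, below %s" % (n["tls_version"], min_tls))
    # TLS 1.3 suites are always ephemeral; before that the suite name must
    # contain DHE (ECDHE or DHE) for forward secrecy.
    if tls < 1.3 and "DHE" not in n["tls_cipher"]:
        problems.append("TLS suite %s has no (EC)DHE key exchange, so no forward secrecy" % n["tls_cipher"])
    if n["key_type"] == "RSA" and n["key_bits"] < min_rsa_bits:
        problems.append("server RSA key is only %d bits" % n["key_bits"])
    if n.get("data_cipher") != want_cipher:
        problems.append("data channel cipher is %s, not %s" % (n.get("data_cipher"), want_cipher))
    # AEAD ciphers (GCM) authenticate on their own and log no HMAC line.
    if not n.get("data_cipher", "").endswith("GCM") and n.get("data_auth") != want_auth:
        problems.append("data channel HMAC is %s, not %s" % (n.get("data_auth"), want_auth))
    return problems


if __name__ == "__main__":
    for label, log in (("good", GOOD_LOG), ("weak", WEAK_LOG)):
        print(label, check(log) or "OK")
```

Feed a real client log into check() after connecting; an empty result means the control channel, the server key size and the data channel match the directives above, and each problem string names the parameter that did not.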

OpenVPN 2.4.1 and ecdh-curves

Since OpenVPN 2.4.1 you can manually define which curve you want to use; the following curves are supported:

  • secp112r1
  • secp112r2
  • secp128r1
  • secp128r2
  • secp160k1
  • secp160r1
  • secp160r2
  • secp192k1
  • secp224k1
  • secp224r1
  • secp256k1
  • secp384r1
  • secp521r1
  • prime192v1
  • prime192v2
  • prime192v3
  • prime239v1
  • prime239v2
  • prime239v3
  • prime256v1
  • sect113r1
  • sect113r2
  • sect131r1
  • sect131r2
  • sect163k1
  • sect163r1
  • sect163r2
  • sect193r1
  • sect193r2
  • sect233k1
  • sect233r1
  • sect239k1
  • sect283k1
  • sect283r1
  • sect409k1
  • sect409r1
  • sect571k1
  • sect571r1
  • c2pnb163v1
  • c2pnb163v2
  • c2pnb163v3
  • c2pnb176v1
  • c2tnb191v1
  • c2tnb191v2
  • c2tnb191v3
  • c2pnb208w1
  • c2tnb239v1
  • c2tnb239v2
  • c2tnb239v3
  • c2pnb272w1
  • c2pnb304w1
  • c2tnb359v1
  • c2pnb368w1
  • c2tnb431r1
  • wap-wsg-idm-ecid-wtls1
  • wap-wsg-idm-ecid-wtls3
  • wap-wsg-idm-ecid-wtls4
  • wap-wsg-idm-ecid-wtls5
  • wap-wsg-idm-ecid-wtls6
  • wap-wsg-idm-ecid-wtls7
  • wap-wsg-idm-ecid-wtls8
  • wap-wsg-idm-ecid-wtls9
  • wap-wsg-idm-ecid-wtls10
  • wap-wsg-idm-ecid-wtls11
  • wap-wsg-idm-ecid-wtls12
  • Oakley-EC2N-3
  • Oakley-EC2N-4

Your clients must support these newer options. If you're unsure which curves are supported by your VPN provider, ask them!

Examples

The following example is for PIA:

client
dev tun
proto udp
remote swiss.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
tls-version-min 1.2
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 60
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ

Some operating systems (like iOS) need the certificate directly within the configuration; for the Chicago servers this looks like:

client
dev tun
remote us-chicago.privateinternetaccess.com 1198 udp
remote us-chicago.privateinternetaccess.com 502 tcp
resolv-retry infinite
nobind
persist-key
persist-tun
setenv CLIENT_CERT 0

<ca>
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV
BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu
dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx
IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB
FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1
MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg
QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE
AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50
ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy
bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD
L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX
lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp
cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/
8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB
/5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC
OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL
y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO
sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM
b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G
A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg
SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz
czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j
b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn
a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU
ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3
7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC
GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz
1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt
YDQ8z9v+DMO6iwyIDRiU
-----END CERTIFICATE-----
</ca>

cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
<crl-verify>
-----BEGIN X509 CRL-----
…
-----END X509 CRL-----
</crl-verify>

Please keep in mind that PIA (and other providers) also offer specific configuration files for mobile devices as a download; they are mostly a bit hidden. Most providers also offer a lot of guidance on their FAQ or help desk pages.
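The configurations in this section can be checked mechanically against the points of this guide, including the inline `<ca>` block that mobile clients need. The following Python script is an added example, not code from the original post, from PIA or from OpenVPN; the two configs inside it are constructed (the first mirrors a provider-style config with a placeholder instead of a real certificate body, the second applies the guide's directives), and the host name vpn.example.invalid is a placeholder.

```python
"""Audit an OpenVPN client config against the points of this guide.

Added example (not from the original post, PIA or OpenVPN); standard library
only.  Both configs below are constructed: vpn.example.invalid is a placeholder
and the inline certificate body is not a real certificate.
"""
import re

PROVIDER_STYLE = """\
client
dev tun
remote vpn.example.invalid 1198 udp
<ca>
-----BEGIN CERTIFICATE-----
PLACEHOLDER-NOT-A-REAL-CERTIFICATE
-----END CERTIFICATE-----
</ca>
cipher aes-128-cbc
auth sha1
remote-cert-tls server
auth-user-pass
reneg-sec 0
"""

HARDENED = """\
client
dev tun
remote vpn.example.invalid 1198 udp
ca ca.rsa.2048.crt
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-CBC
auth SHA512
reneg-sec 60
remote-cert-tls server
auth-user-pass
"""

INLINE_TAG_RE = re.compile(r"<(/?)([a-z0-9-]+)>")


def parse_config(text):
    """Return (directives, inline_blocks): [(name, [args]), ...] in file order
    with comments stripped, and {tag: body} for <ca>...</ca> style blocks."""
    directives, blocks = [], {}
    open_tag, body = None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = INLINE_TAG_RE.fullmatch(line)
        if m and not m.group(1) and open_tag is None:
            open_tag = m.group(2)                 # start of an inline block
        elif m and m.group(1) and m.group(2) == open_tag:
            blocks[open_tag] = "\n".join(body)    # end of the inline block
            open_tag, body = None, []
        elif open_tag is not None:
            body.append(line)
        elif line and line[0] not in "#;":        # skip blanks and comments
            name, *args = line.split()
            directives.append((name, args))
    if open_tag is not None:
        raise ValueError("unterminated inline block <%s>" % open_tag)
    return directives, blocks


def audit(text):
    """Return [(severity, message), ...]; an empty list means nothing to flag."""
    directives, blocks = parse_config(text)
    seen = {}
    for name, args in directives:
        seen.setdefault(name, args)               # first occurrence wins
    findings = []
    # A directive that needs an argument but has none makes OpenVPN reject the file.
    for name in ("tls-version-min", "tls-cipher", "cipher", "auth", "reneg-sec", "ecdh-curve"):
        if name in seen and not seen[name]:
            findings.append(("error", "'%s' given without an argument" % name))
    tls_min = seen.get("tls-version-min")
    if not tls_min:
        findings.append(("warn", "no tls-version-min; set 'tls-version-min 1.2'"))
    elif float(tls_min[0]) < 1.2:
        findings.append(("warn", "tls-version-min %s is below 1.2" % tls_min[0]))
    tls_cipher = seen.get("tls-cipher")
    if tls_cipher and "DHE" not in tls_cipher[0].upper():
        findings.append(("warn", "tls-cipher %s has no (EC)DHE key exchange" % tls_cipher[0]))
    cipher = seen.get("cipher")
    if not cipher or cipher[0].upper() not in ("AES-256-CBC", "AES-256-GCM"):
        findings.append(("warn", "cipher is %s; the guide uses AES-256-CBC"
                         % (cipher[0] if cipher else "unset")))
    auth = seen.get("auth")
    if not auth or auth[0].upper() != "SHA512":
        findings.append(("warn", "auth is %s; the guide uses SHA512"
                         % (auth[0] if auth else "unset")))
    reneg = seen.get("reneg-sec")
    if reneg and reneg[0] == "0":
        findings.append(("warn", "reneg-sec 0 disables periodic re-keying; the guide uses 60"))
    if "remote-cert-tls" not in seen:
        findings.append(("warn", "no 'remote-cert-tls server'; the server certificate's role is not checked"))
    if "ca" not in seen and "ca" not in blocks:
        findings.append(("error", "no CA certificate: neither 'ca <file>' nor an inline <ca> block"))
    elif "ca" in blocks and not blocks["ca"].startswith("-----BEGIN CERTIFICATE-----"):
        findings.append(("error", "inline <ca> block does not start with a PEM header"))
    return findings
```

Run audit() on the text of a downloaded .ovpn file: the provider-style sample yields four warnings (no tls-version-min, aes-128-cbc, sha1 and reneg-sec 0), the hardened sample yields none, and an argument-less directive such as a bare "tls-cipher" line is reported as an error because OpenVPN will not load the file.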

TCP vs. UDP

Many VPNs allow you to connect to their servers using two different transport protocols. While this might not make much of a difference to your security, it's still good to know which one to choose.

Transmission Control Protocol (TCP) is a “stateful protocol,” which means, in simple terms, that the receiving computer confirms its receipt of the data packet being sent. If the sending computer doesn’t receive a confirmation, it sends the packet again.

This ensures that your data is transmitted reliably and that packets don’t get dropped.

User Datagram Protocol (UDP) is a “stateless protocol,” so it doesn’t wait for confirmation of receipt from the other computer. This makes communication faster, but also opens it up to the potential of communication errors.

In general, I recommend using UDP most of the time (most VPN providers already set it to UDP) unless you have communication errors, in which case you should switch to TCP. Many VPNs do this by default, but if you're given a choice, it's a good strategy to stick with.

Why are my speeds so slow?

OpenVPN in general only supports bandwidth rates up to 150~200 MB/s (max); this is due to its implementation.

You usually do not need to tweak additional parameters in your configuration file; the client side and your OS/router should handle this. However, in some rare situations there are problems, and then you should think about changing your configuration file. As far as I know there is currently no speed problem under Linux or Windows (I don't know about macOS).

If something is wrong, ask your VPN provider instead and show them your configuration to find a solution together; this might also help others. In general, you should not mess with the configuration unless you have read the OpenVPN man page and fully understood what these toggles really do!

Closing Words

Most 'good' VPN providers already offer solid configurations; some call them 'strong', which often only means a higher AES level for the cipher. Others might not even provide stronger configurations, and then this little guide might help you.

From what I tested, the top 10 used VPN providers, like NordVPN, PIA, Proton, ExpressVPN, IPVanish, Windscribe, Perfect Privacy, VyprVPN, TunnelBear, StrongVPN and PureVPN, already offer good configurations which do not need to be changed unless you have some doubts or you're really being monitored.


Blog at WordPress.com.
