Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hardening pfSense 2.1 OpenVPN 2.3.2 security

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dplat
      last edited by

      Hey,

      I read the OpenVPN documentation and it gives solutions to harden security, such as running OpenVPN completely unpriviledged, Chroot jail, user/group nobody.

      Why aren't these features implemented in pfSense OpenVPN 2.3.2?

      (see http://openvpn.net/index.php/open-source/documentation/howto.html#security )

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        I believe chroot isn't an option because of the script we need to run for auth to work and other tasks, but I may be wrong on that. Certainly worth testing if someone wants to try it.

        The user/group set might be viable, but may also have script issues or route addition issues. Also worth trying, but may or may not work.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.