Netgate Discussion Forum
    Need some reassurence about my OpenVPN configuration

    sammy2ooo

      Hello

      I have just finished configuring my OpenVPN server on the latest pfSense stable build, which I am using as a remote access server for my mobile clients (mainly iOS). So far everything works perfectly.

      I am a bit concerned whether my configuration is secure and would resist a possible MITM attack, e.g. by someone putting a Blue Coat proxy in between. Would my clients even connect when authentication of TLS packets is used? Does my client check the certificate path? According to this https://openvpn.net/index.php/open-source/documentation/howto.html#security it's important that the certificates carry the specific key usage and extended key usage. The certificates themselves were created with the pfSense internal cert manager.

      I have checked the server certificate with openssl; it has one of the extensions configured, but not digitalSignature, keyAgreement. Is that a problem? The server certificate subject CN is the FQDN my.publicdomain.tld

      
                  X509v3 Extended Key Usage:
                      TLS Web Server Authentication
                  X509v3 Key Usage:
                      Digital Signature, Key Encipherment
      
      

      /var/etc/openvpn/server1.conf

      dev ovpns1
      verb 1
      dev-type tun
      dev-node /dev/tun1
      writepid /var/run/openvpn_server1.pid
      #user nobody
      #group nobody
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto udp
      cipher AES-256-CBC
      auth SHA256
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      client-connect /usr/local/sbin/openvpn.attributes.sh
      client-disconnect /usr/local/sbin/openvpn.attributes.sh
      local my.public.ip.address
      tls-server
      server 192.x.x.0 255.255.255.0
      client-config-dir /var/etc/openvpn-csc
      username-as-common-name
      auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
      tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'my.publicdomain.tld' 1"
      lport 1194
      management /var/etc/openvpn/server1.sock unix
      max-clients 1
      push "route 192.x.x.0 255.255.255.0"
      push "dhcp-option DOMAIN internaldomain.tld"
      push "dhcp-option DNS 192.x.x.1"
      push "dhcp-option NTP 192.x.x.1"
      push "redirect-gateway def1"
      ca /var/etc/openvpn/server1.ca
      cert /var/etc/openvpn/server1.cert
      key /var/etc/openvpn/server1.key
      dh /etc/dh-parameters.2048
      tls-auth /var/etc/openvpn/server1.tls-auth 0
      comp-lzo adaptive
      persist-remote-ip
      float
      topology subnet
      
      

      Client configuration

      
      persist-tun
      persist-key
      cipher AES-256-CBC
      auth SHA256
      tls-client
      client
      remote my.publicdomain.tld 1194 udp
      lport 0
      verify-x509-name "my.publicdomain.tld" name
      auth-user-pass
      ns-cert-type server
      comp-lzo adaptive
      
      <ca>
      -----BEGIN CERTIFICATE-----
      [...]
      -----END CERTIFICATE-----
      </ca>
      <cert>
      -----BEGIN CERTIFICATE-----
      [...]
      -----END CERTIFICATE-----
      </cert>
      <key>
      -----BEGIN PRIVATE KEY-----
      [...]
      -----END PRIVATE KEY-----
      </key>
      <tls-auth>
      #
      # 2048 bit OpenVPN static key
      #
      -----BEGIN OpenVPN Static key V1-----
      [...]
      -----END OpenVPN Static key V1-----
      </tls-auth>
      key-direction 1
      
      
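Added example, not code from this thread or from pfSense: it models the server-certificate checks an OpenVPN client performs with the HOWTO's `remote-cert-tls server` (which the OpenVPN 2.3 manual defines as `remote-cert-ku a0 88` plus `remote-cert-eku "TLS Web Server Authentication"`) together with the posted `verify-x509-name "my.publicdomain.tld" name`, run against the key usage values the openssl output above shows. The posted client config uses `ns-cert-type server` instead, which tests the Netscape nsCertType extension rather than keyUsage/extendedKeyUsage; the PeerCert type and the sample certificates here are constructed for the demonstration.

```python
# Added example (not from the post, pfSense or OpenVPN sources): models the
# checks behind "remote-cert-tls server" in OpenVPN 2.3, i.e. keyUsage must
# equal a0 or 88 and extendedKeyUsage must contain serverAuth, plus
# "verify-x509-name <name> name", an exact match on the subject CN.
# Extension values are supplied already decoded, as "openssl x509 -text"
# prints them; a real client reads them from the X.509 extension.
from dataclasses import dataclass, field

# RFC 5280 keyUsage bits in the hex form remote-cert-ku uses
KU_BITS = {
    "Digital Signature": 0x80, "Non Repudiation": 0x40,
    "Key Encipherment": 0x20, "Data Encipherment": 0x10,
    "Key Agreement": 0x08, "Certificate Sign": 0x04, "CRL Sign": 0x02,
}
SERVER_KU_MASKS = (0xA0, 0x88)  # digSig+keyEncipherment or digSig+keyAgreement
SERVER_EKU = {"TLS Web Server Authentication", "serverAuth", "1.3.6.1.5.5.7.3.1"}


@dataclass
class PeerCert:                      # constructed stand-in for a parsed cert
    common_name: str
    key_usage: list = field(default_factory=list)
    ext_key_usage: list = field(default_factory=list)


def ku_mask(names):
    """Fold decoded keyUsage names into the one-byte mask OpenVPN compares."""
    mask = 0
    for n in names:
        mask |= KU_BITS[n]
    return mask


def check_server_cert(cert, expected_name):
    """Return (ok, reasons); reasons lists every check the cert failed."""
    reasons = []
    if not cert.key_usage:
        reasons.append("keyUsage extension missing")
    elif ku_mask(cert.key_usage) not in SERVER_KU_MASKS:  # 2.3 tests equality
        reasons.append(f"keyUsage {ku_mask(cert.key_usage):02x} is neither a0 nor 88")
    if SERVER_EKU.isdisjoint(cert.ext_key_usage):
        reasons.append("extendedKeyUsage lacks serverAuth")
    if cert.common_name != expected_name:  # type "name": exact CN comparison
        reasons.append(f"CN {cert.common_name!r} != {expected_name!r}")
    return not reasons, reasons


# Constructed inputs: the server cert as the posted openssl output shows it,
# and a client cert, which fails both the EKU and the CN check
POSTED_SERVER = PeerCert("my.publicdomain.tld",
                         ["Digital Signature", "Key Encipherment"],
                         ["TLS Web Server Authentication"])
CLIENT_CERT = PeerCert("mobile-user",
                       ["Digital Signature", "Key Encipherment"],
                       ["TLS Web Client Authentication"])
```

Run with `python -c "import checks; print(checks.check_server_cert(checks.POSTED_SERVER, 'my.publicdomain.tld'))"` after saving it as checks.py; the posted cert passes because a0 (digitalSignature plus keyEncipherment) is one of the two accepted values.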
      kejianshi

        Looks good…  Reassured?

        sammy2ooo

          Thanks for replying.

          1. Would my clients throw something like a "the server's certificate is not trusted" error message if someone tries to do a MITM attack?

          2. Does my client check the certificate path in this configuration?

          3. The server certificate does not have the digitalSignature, keyAgreement key usage set, but digitalSignature, keyEncipherment. Is that a problem?

          kejianshi

            Yeah - It's never happened to me, but I'm pretty sure it would fail on a MITM attack unless the man in the middle had all the certs from both the client and the server somehow. Otherwise the whole cert thing would be sorta worthless, right?

            kejianshi

              Same question asked and answered here.

              Things change and attack methods and vulnerabilities change, but to my limited knowledge, this pretty much covers your question.

              http://security.stackexchange.com/questions/73469/tls-authentication-openvpn-mitm-attacks-on-public-wifi

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.