Need some reassurence about my OpenVPN configuration



  • Hello

    I have just finishing configuring my OpenVPN server on the latest pfSense stable build, which I am using as an remote access server for my mobile clients (mainly iOS). So far everything works perfect.

    I am a bit concerned if my configuration is secure and would resist a possible MITM attack e.g by someone putting a bluecoat proxy in between. Would my clients even connect when authentication of TLS packets is used? Does my client check the certificate path? According to this https://openvpn.net/index.php/open-source/documentation/howto.html#security its important that the certificates carry the specific key and extended key usage. The certificates itself where created with the pfSense internal cert-manager.

    I have checked the server certificate with openssl, it has one of the extensions configured but not digitalSignature, keyAgreement. Is that a problem? The server certificate subject CN is the FQDN of my.publicdomain.tld

    
                X509v3 Extended Key Usage:
                    TLS Web Server Authentication
                X509v3 Key Usage:
                    Digital Signature, Key Encipherment
    
    

    /var/etc/openvpn/server1.conf

    dev ovpns1
    verb 1
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-256-CBC
    auth SHA256
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/openvpn.attributes.sh
    client-disconnect /usr/local/sbin/openvpn.attributes.sh
    local my.public.ip.address
    tls-server
    server 192.x.x.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc
    username-as-common-name
    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'my.publicdomain.tld' 1"
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    max-clients 1
    push "route 192.x.x.0 255.255.255.0"
    push "dhcp-option DOMAIN internaldomain.tld"
    push "dhcp-option DNS 192.x.x.1"
    push "dhcp-option NTP 192.x.x.1"
    push "redirect-gateway def1"
    ca /var/etc/openvpn/server1.ca
    cert /var/etc/openvpn/server1.cert
    key /var/etc/openvpn/server1.key
    dh /etc/dh-parameters.2048
    tls-auth /var/etc/openvpn/server1.tls-auth 0
    comp-lzo adaptive
    persist-remote-ip
    float
    topology subnet
    
    

    Client configuration

    
    persist-tun
    persist-key
    cipher AES-256-CBC
    auth SHA256
    tls-client
    client
    remote my.publicdomain.tld 1194 udp
    lport 0
    verify-x509-name "my.publicdomain.tld" name
    auth-user-pass
    ns-cert-type server
    comp-lzo adaptive
    
     <ca>-----BEGIN CERTIFICATE-----
    [...]
    -----END CERTIFICATE-----</ca> 
     <cert>-----BEGIN CERTIFICATE-----
    [...]
    -----END CERTIFICATE-----</cert> 
     <key>-----BEGIN PRIVATE KEY-----
    [...]
    -----END PRIVATE KEY-----</key> 
     <tls-auth>#
    # 2048 bit OpenVPN static key
    #
    -----BEGIN OpenVPN Static key V1-----
    [...]
    -----END OpenVPN Static key V1-----</tls-auth> 
     key-direction 1
    
    


  • Looks good…  Reassured?



  • Thanks for replying.

    1. Would my clients throw something like a "the servers certificate is not trusted" error message if someone tries to do a MITM attack?

    2. Does my client check the certificate path in this configuration?

    3. The server certificate does not have the digitalSignature, keyAgreement key usage set, but digitalSignature, keyEncipherment. Is that a problem?



  • Yeah - Its never happened to me, but I'm pretty sure it would fail on a MITM attack unless the man in the middle had all the certs from both the client and the server somehow.  Otherwise the whole cert thing would be sorta worthless right?



  • Same question asked and answered here.

    Things change and attack methods and vulnerabilities change, but to my limited knowledge, this pretty much covers your question.

    http://security.stackexchange.com/questions/73469/tls-authentication-openvpn-mitm-attacks-on-public-wifi


Log in to reply