Need some reassurence about my OpenVPN configuration
-
Hello
I have just finishing configuring my OpenVPN server on the latest pfSense stable build, which I am using as an remote access server for my mobile clients (mainly iOS). So far everything works perfect.
I am a bit concerned if my configuration is secure and would resist a possible MITM attack e.g by someone putting a bluecoat proxy in between. Would my clients even connect when authentication of TLS packets is used? Does my client check the certificate path? According to this https://openvpn.net/index.php/open-source/documentation/howto.html#security its important that the certificates carry the specific key and extended key usage. The certificates itself where created with the pfSense internal cert-manager.
I have checked the server certificate with openssl, it has one of the extensions configured but not digitalSignature, keyAgreement. Is that a problem? The server certificate subject CN is the FQDN of my.publicdomain.tld
X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Digital Signature, Key Encipherment
/var/etc/openvpn/server1.conf
dev ovpns1 verb 1 dev-type tun dev-node /dev/tun1 writepid /var/run/openvpn_server1.pid #user nobody #group nobody script-security 3 daemon keepalive 10 60 ping-timer-rem persist-tun persist-key proto udp cipher AES-256-CBC auth SHA256 up /usr/local/sbin/ovpn-linkup down /usr/local/sbin/ovpn-linkdown client-connect /usr/local/sbin/openvpn.attributes.sh client-disconnect /usr/local/sbin/openvpn.attributes.sh local my.public.ip.address tls-server server 192.x.x.0 255.255.255.0 client-config-dir /var/etc/openvpn-csc username-as-common-name auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user 'Local Database' false server1" via-env tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'my.publicdomain.tld' 1" lport 1194 management /var/etc/openvpn/server1.sock unix max-clients 1 push "route 192.x.x.0 255.255.255.0" push "dhcp-option DOMAIN internaldomain.tld" push "dhcp-option DNS 192.x.x.1" push "dhcp-option NTP 192.x.x.1" push "redirect-gateway def1" ca /var/etc/openvpn/server1.ca cert /var/etc/openvpn/server1.cert key /var/etc/openvpn/server1.key dh /etc/dh-parameters.2048 tls-auth /var/etc/openvpn/server1.tls-auth 0 comp-lzo adaptive persist-remote-ip float topology subnet
Client configuration
persist-tun persist-key cipher AES-256-CBC auth SHA256 tls-client client remote my.publicdomain.tld 1194 udp lport 0 verify-x509-name "my.publicdomain.tld" name auth-user-pass ns-cert-type server comp-lzo adaptive <ca>-----BEGIN CERTIFICATE----- [...] -----END CERTIFICATE-----</ca> <cert>-----BEGIN CERTIFICATE----- [...] -----END CERTIFICATE-----</cert> <key>-----BEGIN PRIVATE KEY----- [...] -----END PRIVATE KEY-----</key> <tls-auth># # 2048 bit OpenVPN static key # -----BEGIN OpenVPN Static key V1----- [...] -----END OpenVPN Static key V1-----</tls-auth> key-direction 1
-
Looks good… Reassured?
-
Thanks for replying.
-
Would my clients throw something like a "the servers certificate is not trusted" error message if someone tries to do a MITM attack?
-
Does my client check the certificate path in this configuration?
-
The server certificate does not have the digitalSignature, keyAgreement key usage set, but digitalSignature, keyEncipherment. Is that a problem?
-
-
Yeah - Its never happened to me, but I'm pretty sure it would fail on a MITM attack unless the man in the middle had all the certs from both the client and the server somehow. Otherwise the whole cert thing would be sorta worthless right?
-
Same question asked and answered here.
Things change and attack methods and vulnerabilities change, but to my limited knowledge, this pretty much covers your question.
http://security.stackexchange.com/questions/73469/tls-authentication-openvpn-mitm-attacks-on-public-wifi