First OpenVPN Questions

[drov]

I just installed openvpn on a VPS and have a few questions.

1. Is the default install enough?  I've setup local authentication and am able to login as admin as well as connect as a user.

2. Can I use CSF Firewall with my VPN? If so, Do I need to open any ports or is the default install enough?

3. Is there anything else I need to know about "hardening" open VPN?  I don't need to be too extreme with it, I just want to make sure I can connect to servers and apps with my VPN.  I'm not transferring any major secure data, but would like to be secure enough to not have to worry about accessing my bank or what not.

 

[wlanboy]

Regarding your questions:

1. Depends on your key length. I would switch to key based access. No usernames and no passwords. I never would use local users for vpn.

2. OpenVPN is listening to a udp port so you have to grant access to it. If you want to use the internet connection of your vps through vpn then you need NAT.

3. No passwords, but key based auth.

See my tutorial about some additional configs:

 

[HalfEatenPie]

Honestly, what @wlanboy said is probably best practice to start out.

I'd probably just put softether up, configure the proper ports and settings in CSF (therefore standard CSF will not work, you'd need to update it), and then call it a day.  

 

[Clouvider-Dom]

Yes, you use the CSF firewall with VPN. Depending on VPN software you are aiming to use you will have to open different ports.