Hi all,
I have a very small OpenVPN server on my Raspberry PI 4.
Can I logs failure attemps or other attack kind to my machine?
Is it possibile? Can I do these settings directly in OpenVPN server?
I have not any hardware firewall in my simple deployment at the moment.
In this moment I just changed default UDP port, but I know that it is not the best solution about security.
My laptop use OpenVPN certificate, I don't type any username or password to connect remotelly using OpenVPN.
Thanks so much!
Federico
How to log failuer attemps?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Wed Aug 11, 2021 10:36 am
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: How to log failuer attemps?
Your server log will have the details.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Wed Aug 11, 2021 10:36 am
Re: How to log failuer attemps?
Hi @TinCanTech,
Thanks!
Do I need to set some settings to improve logging (more details) about login attempts?
Thanks!
Thanks!
Do I need to set some settings to improve logging (more details) about login attempts?
Thanks!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: How to log failuer attemps?
Just read your log.
- openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: How to log failuer attemps?
Hi Federico,
I don't think logging is the best approach. I think it's better to mitigate the attacks before they could happen. Use --proto udp and see --tls-auth or --tls-crypt in the manual.
For logging --verb 3 is good for general use, or --verb 4 (occasionally higher) when trying to debug a specific issue.
hth, regards, rob0
I don't think logging is the best approach. I think it's better to mitigate the attacks before they could happen. Use --proto udp and see --tls-auth or --tls-crypt in the manual.
For logging --verb 3 is good for general use, or --verb 4 (occasionally higher) when trying to debug a specific issue.
hth, regards, rob0
OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support