Hi Bradley, first thank you for the clearly witten article on getting OpenVPN setup on an Ubnt EdgeRouter.
However, I did notice an issue with one section of the article. You recommend creating a 1024 bit Diffie-Hellman (DH) parameter, which has been considered weak since 2015 (see https://weakdh.org/). The recommendation from that research is to use a minimum of 2048 (see “Using a Strong DH Group” https://weakdh.org/sysadmin.html). The Information Assurance Directorate (IAD) at the NSA Suite B currently recommendation is a minimum of 3072 bits (https://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm).
I would recommend updating your article to use 2048 so that anyone following the instructions who is not familiar with DH/crypto are not creating weak parameters:
openssl dhparam -out /config/auth/dhp.pem 2048