diff --git a/VM_VPN_GATEWAY.sh b/VM_VPN_GATEWAY.sh
index c397c95..8161952 100644
--- a/VM_VPN_GATEWAY.sh
+++ b/VM_VPN_GATEWAY.sh
@@ -6,7 +6,10 @@
 # --- configuração --- #
 source VM_CONFIG.sh
-yum install -y google-authenticator
+yum install -y google-authenticator qrencode ntpsec
+systemctl stop chronyd
+ntpdate pool.ntp.org
+systemctl start chronyd
 # --- forwarding --- #
 if_fora="enp0s8"
diff --git a/conf/client.conf b/conf/client.conf
index e1e43fe..87361c7 100644
--- a/conf/client.conf
+++ b/conf/client.conf
@@ -16,3 +16,5 @@ auth SHA256
 auth-user-pass
 tls-auth /etc/openvpn/client/ta.key 1
+
+remote-cert-tls server
diff --git a/conf/vpn.conf b/conf/vpn.conf
index 38be1fc..d621874 100644
--- a/conf/vpn.conf
+++ b/conf/vpn.conf
@@ -21,3 +21,6 @@ auth SHA256
 # plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so login
 plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so totp
 tls-auth /etc/openvpn/server/ta.key 0
+
+static-challenge "Enter TOTP: " 1
+handshake-window 120
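Review bot: In VM_VPN_GATEWAY.sh the added `ntpdate pool.ntp.org` step is not checked and takes its time from an unauthenticated public pool, while the TOTP verification this gateway performs is only as reliable as its clock. If the query fails (no route, or `ntpdate` not actually shipped by the `ntpsec` package on this distribution, which the hunk does not show), the script continues and chronyd is restarted on a possibly skewed clock, which later surfaces as unexplained TOTP rejections. chronyd can step the clock from its own configured sources without the stop/start sequence, for example `chronyc makestep || { echo "clock sync failed" >&2; exit 1; }`, and pointing chrony at an internal or NTS-authenticated source would remove the dependency on the public pool. The rest of the script lies outside the hunk, so whether `set -e` is in effect could not be confirmed.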
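Review bot: The new `remote-cert-tls server` line in conf/client.conf lands without a comment, and it only checks the certificate's key usage, not which server the certificate belongs to. A short comment such as `# accept only peers whose certificate carries the TLS server EKU` would record the intent. Any certificate from the same CA that carries the server EKU still passes, so pinning the gateway's identity with `verify-x509-name <SERVER_CN_PLACEHOLDER> name` is worth adding alongside it. The server certificate is not part of this commit; confirm it was issued with the server EKU, otherwise existing clients will fail the handshake after this change.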
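Review bot: `static-challenge "Enter TOTP: " 1` is added to conf/vpn.conf, the server side, but it is documented as a client option that makes the client prompt for the code, and conf/client.conf does not gain it in this commit (it may already be present outside the hunk). As written it likely has no effect on the server, so clients would still send only username and password. Moving the line to the client config would make the second factor explicit; it is also worth confirming that the `totp` PAM service named on the `openvpn-plugin-auth-pam.so totp` line receives the password and code in the form it expects. `handshake-window 120` deserves a comment like `# allow time to type the OTP (default is 60 s)`, since a longer window also keeps unfinished handshakes open longer.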