For connecting to my server at home from anywhere nothing more interesting than SSH.
Diffie-Hellman key exchange, a reasonably strong cipher, just fine.
IPSEC in transport mode for my anywhere to home VPN. Nothing weaker than 1536 bit RSA for key exchange and 128 bit AES cipher on the list.
TLS 1.2 patched with latest and greatest for dialling out from home.
Beyond those I can't say I've obsessed that much over it. It's far more likely that someone who wants to read my traffic will pwn me with zero-day exploit malware than attempt to decrypt anything.
If you are worried about people attempting to decrypt your VPN traffic I have no idea what kind of enemies you have or what you feel you have to hide but am glad I don't share either your enemies or your need for such privacy.