Hey folks,
I’m currently running OpenVPN for around 100 users and I was considering looking into another product as the company is growing fast and I’m not sure OpenVPN in it’s rawest form is the easiest to manage in the long term.
I would need it to be compatible with Windows, Linux, iOS and Android.
What makes you think OpenVPN isnt easiest to manage in the long term? Just curious
I like pfSense with the OpenVPN package. That way you can add firewall rules and use pfBlockerNG to block entire countries who are trying to brute force your OpenVPN server. Additionally, setting up LDAP/RADIUS is super fast.
I would mix OpenVPN and IPSec, IPSec for users that are on the road and OpenVPN for routes that are always up. OpenVPN has an easier way to propagate routes than IPSec
Currently using OpenVPN at two client companies. Hard to beat the cost and others have already suggested packages to beef up the security. OpenVPN has a deployable mobile client thats pretty great too.
What firewall?
I usually use the firewall’s VPN for my clients. Integrate with AD/LDAP and call it day.
Definitely OpenVPN. Currently I use it standalone in Debian but you can also use OpenVPN on popular router distros like pfsense.
Take a look at pritunl if you want to stick with openvpn but want to have an easier way to manage it.
Using both RRAS/NPS hosted IKEv2 and FortiClient for SSLVPN depending on customer
Yeah, what’s your issue with management? I find it to be super easy.
anyone try zerotier one? I’ve been playing around with it for my personal use. May be good for a business environment.
What firewall do you have? Last place I was at used Sonicwall and I thought it was easy to manage. Here we’re using Cisco AnyConnect and it’s also really great.
Cisco AnyConnect would be my first choice. OpenVPN Access Server would be second.
OpenVPN-AS – so much easier to manage and extremely easy for clients to use.
edge device. managing a server/software for vpn is annoying.
We use Cisco AnyConnect.
NetMotion is my recommendation. If works behind the scenes and requires no user interaction. I use it for department computers and in our vehicles.
SoftEther.
Cross platform, multi protocol. Does not require end devices to have a VPN clients installed (very important for mobile phones…), has all possible encryption options, features and integrations. Runs much faster than OpenVPN or Windows Server build in VPN. Everything I tested with it, just works.
See if your firewall vendor makes a vpn client most do and most are free
I didn’t see DirectAccess mentioned here, even though it’s not a true VPN but has a similar result. Is there a reason nobody uses it?
We’ve had great success here with about 50 users that are pretty terrible at remembering or understanding logging into software (sigh).
Sorry if I hijacked thread but maybe you can find pitfalls mentioned here as well 