OpenVPN Access Server. 2 Users are free. I’ve never had an issue we reliability, but you can create clusters of them if needed.
We use UTunnel.io and it’s a good solution. It’s Ubuntu based solution and also works with public clouds and on premise. They have monthly pricing per user.
Palo Alto PA220 is well prices and the client has proven to be stable with many configuration options.
It can be set to automatically connect and will work inside and outside the office.
Softether great and free
We switched to an SDP solution. It’s called Zone Zero from Safe-T. Very good stuff. Deployed across all tenants in ~3 hours.
Anybody tried PDQ Link yet?
give a look to Akamai EEA
We use a windows box with routing and remote access. You can slap Azure MFA into that if needed.
I would replace those firewalls with Meraki - rock solid for us.
We utilize FortiNet routers (FortiGates) and utilize the sslvpn options in it.
The vpn client is pretty robust and you can do some more things with it if you license the features (AV / exploit mitigation / telemetry / etc.).
You can two factor the users for $50/user in multiples of 5, and then you own the license. No subscriptions for the two factor.
I’m sure I’ll get flamed for this, but SonicWall virtual SMA (there are also hardware SMA
appliances) work great. We use the VPN on their UTMs for smaller deployments, but will recommend one of these for anything over 10 or so users.
I mean, OpenVPN is pretty solid?
Only thing is generating new profiles can be annoying
I just setup vpn for a customer using Unifi.
It was easy to setup and adding a vpn with win10 was easy too.,
They just started using it yesterday. What kind of problems are you seeing?
OpenVPN is most common DIY software VPN but a lot of maintenance. Lot of folks are trying newer products like Cloudflare, Akamai, Twingate
+1 for softether here! Lots of YouTube guides. Can use AD authentication (RADIUS or NT) and the client has an “easy” mode.
It’s a very advanced /complex software that can be used in multiple configurations and is well worth the time learning.
Best of all - it’s free
Softether is great - it’s UI can be a little confusing the first time around since it has so many options, but it has a very good wizard for setting things up. It works reliably and supports pretty much every commonly used protocol.
Put a shortcut to C:\Windows\System32\rasphone.exe on their desktop, and have them use this to connect/disconnect from VPN. Made all of our troubles with the system tray connection method disappear.
Some clients would just hang spinning on connecting no matter what we did when using the system tray.
Draytek VPN client works perfectly with Meraki. Its a free download as well. Customers have noticed an improvement in performance over the windows client.
What exactly is the complaint? We have hundreds of Merakis and no complaint about the firewall.
We have scripts to create it along with a rasphone desktop shortcut, some even deployed on login by powershell.
Love ZeroTier. No open firewall ports people!