What needs improvement with OpenVPN Access Server?

It should automate our processes. Our developers continuously improve the software, but we'll continue using PowerBuilder unless we undertake a significant project to migrate to a different platform, possibly Java. Additionally, we need RPA software. I've also looked into Twilio, which provides automated SMS alerts. We're assessing how useful that service could be for our needs.

The solution should provide a faster connection, and its security could be improved. The solution’s stability could be improved.

One improvement I would like to see in OpenVPN is better adaptability in certain geographical areas, like Asia, where the traffic can face blocks. Addressing this issue would enhance the overall performance, especially for data transfer in those regions.

The product’s connectivity is very slow. It could be faster.

The logs should be made easier to read. If there is an issue, it takes me a while to find it in the log.

Sometimes OpenVPN Access Server is difficult to connect to, and in our company, we don't know why it is difficult. The product may not connect if we lose connection at times. There are certain shortcomings in the product's stability that need improvement. In general, I want to improve the connect connectivity of the solution since I sometimes face stability issues.

I want the tool to be faster. We have experienced connectivity issues while using OpenVPN and FortiClient.

The stability of the solution could improve.

They should make the solution more secure by adding some firewall functionalities.

It could be faster. It could also be more stable.

One area for improvement in OpenVPN is the ability to selectively terminate connections. If the program could list active connections and provide an option to delete or kill them, it would be a useful feature. This would save users the trouble of having to restart the entire program each time they need to terminate a connection.

The stability of the OpenVPN Access Server has room for improvement.

The interface could be a little bit better in future iterations.

The performance could be a bit better. The stability could always be enhanced. When there are too many concurrent users trying to connect at the same time, there may be a bit of a bottleneck. When all people would like to reconnect to the VPN at the same time, the performance and availability of the solution could be better.

You do need expertise in implementation if you do the initial setup yourself. As it is open-source, if you run into issues, there is nobody available to help you. We can have more interfaces with the Active Directory. For example, if you want to integrate, it's not really working very well as an authentication method. Security-wise it's using good protocols like SecureONE, similar to AnyConnect. However, implementation-wise for the interfacing to the AD and interfacing to the Authenticators, it's a bit difficult. We had updated this a year before, and we had to revert it back to work with Google Authenticator.

Open VPN Access Server could be more user-friendly.

The server configuration file needs to be improved, it's the biggest problem in the configuration process. I would also like the product's routing to be easier.

The scalability of the solution could be improved.

The high availability deployment is not very straightforward. They can make it simpler. OpenVPN does not support some of the additional protocols that Pulse Secure and Cisco AnyConnect support. They can include support for these additional protocols.

We would like to be able to access the parts of the network that belong to other virtual LANs, which is not currently possible. For example, if an organization has different VLANs for sales, developers, and production, then we can only connect and view one of these segments. If you can access sales then you will have visibility of that particular subnet and not be able to see the developer VLAN resources. The security needs to be improved because it was a complaint that our customers had. I'm not sure exactly what the specific issue is, other than they told us that it was not compliant with their organizational policies. It is not possible to scale this solution horizontally, which is something that should be improved. They could allow multiple instances to run in different zones, synchronizing with each using a round-robin scheduler. It would be great if they added intrusion prevention and detection (IPS/IDS) features. If they had these then there would be less need to use other products, such as firewalls. It would allow everything to run under one umbrella with centralized control.

The product is fully customized through configuration files, which is all achieved through manual data entry. This is where it becomes unattractive. If there was a Graphical User Interface to help streamline the configuration, I believe OpenVPN would probably venture more into the non-geek realm as it were. What I mean by this is, if there was a form-driven configuration process, like a "File -> Settings" kind of thing, where the end user can enter data into fields to specify the connection specifics, e.g. hostname/IP Address, protocols, etc. that could be written into the config file in the background, similar to what you see in YaST over in openSuSE in some of the services area, etc., and basically foolproof the VPN configuration, you may see more GUI-oriented folks using OpenVPN. Of course in saying this, I anticipate what's going to happen: "Well, give it a try, Elliott!" I'd love to, but my programming skills aren't there yet - I'm a "Edit the file" guy...

The upgrade path from older versions was more difficult than we wanted to tackle, so we ran an older version of the software for longer than I wanted. Patching, updating, and migrating to newer versions was a problem for us. That said, we were on a rather old version that I inherited yet it worked rock solid.