OpenVPN Review

Allows us to securely do remote product updates, as well as local subnet blocking

What is our primary use case?

We have multiple clients on our VPN, and we do logon for support, backup, and product updates.

How has it helped my organization?

It can securely do remote product updates, push out product updates; just like on our LAN, it's a virtual private network and we just push across our updates.

What is most valuable?

One of the new features of it is you can change the default port. Instead of 1194, like everybody expects, you can change it to whichever port you want to use. 

Another thing is that you can do local subnet blocking.

What needs improvement?

They may have this already, but it would be nice to be able to get more notifications if a site drops unexpectedly.

It would be nice with all these features, if they could send some examples of each one; just small sample scripts to look at and say, "Oh okay, I could expand on this." That would help us a lot.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

No real issues with stability, but it could be a little faster at times, though there are tweaks for that.

Also, I don't think it's really their issue, but sometimes I think that our sites - our IT departments - might do something to disconnect the connection. We can't always prove that but I think that's what happens. I have developed some scripts that detect that and will re-trigger the service. So that's not really an issue any more.

What do I think about the scalability of the solution?

We had some scalability issues at first but it was our own lack of understanding. We had created just the limited set of clients, before we expanded on that to maximize it to 1000-plus clients on one subnet. That was all our own research and fixing that.

How is customer service and technical support?

Tech support is very good. They've got such a good product that I've only had to use them once or twice. The other times I have done an internet search and was able to find something that I needed.

How was the initial setup?

It was a little bit complex but now that I've done it a couple times it's pretty straightforward. Looking at everything to begin with was a little bit complex, building the certificates, etc. Since then, we've scripted everything and that makes it much easier.

What's my experience with pricing, setup cost, and licensing?

I think it's an exceptional value.

I think the pricing is an exceptional value. I didn't really deal with the licensing issue, but I have heard that if you know that you're going be doing it for at least five years, they do offer a 20% discount.

Which other solutions did I evaluate?

I don't recall any other options at that time. Somebody else in our office suggested OpenVPN and we went that route and it worked for us.

What other advice do I have?

If you will be creating several client configurations, create a script or some kind of automation for the steps of calling into the template where you can plug in parameters such as the key names and the actual subnet of the address that will be used. Then, in part of the script, do all the packaging of it because it will prevent errors and typos and save lots of time too.

Also, expand on the number of connections right away, and have some reset scripts for each phase, if it goes down, to be able to restart it. It can be difficult to connect to a remote machine if you've lost your connection.

I would rate it a 10 because I don't know of any other features that we're missing and it's so simple and flexible, customizable, that it's a really great product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment