In my org we’re only using WireGuard. However, configuring OpenVPN server seems to be currently mandatory (if it is not – please tell me how to disable it). Including providing unique port and subnet. So we do that, and immediately block that port on firewall
Additionally, this is quite confusing for the users.
If they see two buttons (green for OpenVPN and blue for WireGuard) they keep hitting the wrong one. Which doesn’t work of course.
Not to mention the case where the lack of wireguard-tools causes UI to only present ONE button labelled simply ‘Connect’ – it’s even harder for the user to figure out that’s not the option they are looking for.
It would be ideal if there was a checkbox ‘disable / enable openvpn’ (exactly the same as the checkbox for enabling wireguard).
Perhaps there’s more interest in such a feature and this could be implemented in the future?
Thanks,
Jarek
It’s possible an option will be added to disable the OpenVPN option on the client profile so that it will only use WireGuard. But currently a lot of the code that manages the WireGuard connections also manages the OpenVPN process and it would be very difficult to completely separate.
Thanks for your quick reply, @zach! I understand the problem you’re describing.
Would it be possible to change how the connection options are presented in the client? At the moment, users see two buttons: OpenVPN and WireGuard. It might help if the WireGuard option were placed first.
We’ve disabled OpenVPN server side (using the firewall), but users still get confused since the first option seems like the obvious choice.
I have added a Hide OpenVPN option to the server settings. This will hide the OpenVPN option on the client if WireGuard is available, if WireGuard is not available on the client it will be shown.
