Open VPN Server 2.27 - more options

I understand that in 2.27 it is an initial version with Open VPN Server.
In addition to the options that pseudonoise suggested:
2, GUI for VPN Server port selection.
3, Multiple user certificates. I would add including the ability to generate a single additional certificate and to revoke certs.
4, A start VPN server on boot option tick box. I would add - make start on boot the default.
5, An option to force DNS servers

My suggestions are:
6 Tun vs Tap selection
7 Check boxes to select which networks OpenVPN clients have access to.
Nothing checked means access only to the router.
Check boxes for each adapter or virtual adapter to which OpenVPN clients have access.
8 Option to use UPnP for opening ports when router is behind another NAT (on by default)
9 IP4 / IP6
10 UDP vs TCP (UDP by default)
11 Selection of IP address of VPN and the subnet
12 Whether to tell clients to redirect internet traffic (use VPN for gateway).
13 Client isolation (allow client <==> client traffic or not)

Open VPN Server is on a number of other consumer level routers, I’m sure you can also take a look at options provided there.

Given the ~1W power requirements of the AR-150 (1.1W when supplied by my PoE switch) this really is a lot of flexibility!

  • Mark

Thanks for your suggestion, we will make the evaluation.

Thanks for your suggestions. I do have an ASUS router with an OpenVPN server. It does provide some settings which make it very complicated to use.

2, 3, 5 will be added.
4 should already be done, I think.
6 Tun and Tap will be investigated. I think this will be different scenarios.
7 should be done on the client side, not the server side.
8 We did use UPnP to open ports, but it seems this is never reliable. Less than 30% can be successful. Most routers will have UPnP disabled.
9. 10. 11 Yes.
12 I am not sure if this should be enabled. My ASUS router surely has this. This changes the application scenario. I’d rather add whether the VPN should be able to access the local network. By default, it can only access the Internet.
13 Good suggestion.

On # 6, tun vs tap, I think this should be very easy to implement and will add a much needed functionality.

The problem is, on the client side, if you use a smartphone, you can connect to the VPN network directly.

If you use a router, it has to bridge all devices to the VPN network, not route them. This is the difference.

Indeed. Neither Android nor iOS support tap VPN at this time, so this is not an issue for smartphones.

For other clients, however, bridging is necessary for VPN clients to be in the same broadcast domain as the server’s LAN. For that you need a tap VPN.

I didn’t know Android and iOS don’t support tap.

Now the router just forces routing mode even if it is TAP.
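
The numbered options in this thread correspond to standard OpenVPN server directives. The sketch below is an added example, not the router firmware's own configuration; the port, subnets, DNS address and file names are constructed placeholders.

```conf
# Added illustration: OpenVPN server directives for the options in this thread.
# Port, addresses and file names are constructed placeholders.

port 1194                        # (2) server port
proto udp                        # (10) UDP by default; "proto tcp" for TCP

# (6) tun = routed, layer 3 (the mode Android and iOS clients can use)
dev tun
topology subnet
server 10.8.0.0 255.255.255.0    # (11) VPN subnet handed out to clients

# (6) tap = bridged, layer 2: clients share the LAN broadcast domain.
# Replace the three lines above with the two below, and add tap0 to the
# LAN bridge outside OpenVPN.
#dev tap0
#server-bridge 192.168.8.1 255.255.255.0 192.168.8.200 192.168.8.220

ca   ca.crt
cert server.crt
key  server.key
dh   dh.pem
crl-verify crl.pem               # (3) refuse client certificates listed in the CRL

# (13) Client isolation: keep client-to-client disabled. With it enabled,
# OpenVPN forwards client <==> client traffic internally and the router's
# firewall never sees it. With it disabled, that traffic goes through the
# tun interface, where a firewall rule must still drop it.
#client-to-client

# (7) LAN access: pushing a route only tells clients where the LAN is.
# What they may actually reach is decided by the router's forwarding rules.
#push "route 192.168.8.0 255.255.255.0"

# (12) Send all client traffic through the VPN
#push "redirect-gateway def1"

# (5) DNS server pushed to clients
push "dhcp-option DNS 10.8.0.1"

keepalive 10 120
persist-key
persist-tun
```

For (3), the CRL file has to be regenerated by the CA each time a certificate is revoked, otherwise `crl-verify` keeps accepting it.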
