Hey everyone! I'm currently considering a switch from our SSL VPN to something more efficient and user-friendly, and I'm eyeing Microsoft's Always On VPN (AOVPN). Our setup is mostly on-premises in a hybrid environment, and I'm worried that implementing AOVPN might need several additional servers—though I could be wrong since we already have an NPS server and AD DC. I'm looking for any feedback or experiences with AOVPN and curious if there are better alternatives out there. If you've got any helpful resources for AOVPN, I'd love to hear about them. I know there's a popular book out there, but I'd prefer something free or included in Microsoft's materials if possible. Thanks in advance!
3 Answers
We opted for AOVPN but found it tricky at first. Instead, we switched to a FortiGate setup for the AOVPN gateway, which allows us to use a device tunnel only. If you're open to alternatives, consider Let's Connect VPN with WireGuard if you're okay with a Linux setup. It might be a solid SSL-VPN replacement!
If you're looking into AOVPN, definitely check out Richard Hicks's blog. He’s a true expert on this topic! His site has tons of resources, and he’s involved in an open-source project called DPC that simplifies AOVPN setup with robust features. Trust me, it will save you from countless headaches with scripts and issues!
We tried AOVPN for about two years, but it was pretty unreliable for us, so we shifted to FortiClient's SSL VPN. Now, we’re moving to Fortinet’s ZTNA solutions, which have proven to be cheaper and more reliable. If you’re looking for something free, WireGuard might be an option, though I can't guarantee it will fit all your needs.

After hearing your experience, I’m a bit wary of AOVPN now. Our current solution is stable, but I'm being pushed to give it a shot. I’ll test AOVPN and see how it goes, but I appreciate your sharing this! It's helpful.