Wireguard is great, but is not supported on many devices, and does not auto provision configuration files for all your devices. Please look into algo, it really is the best solution for 99% of people.
IPSEC and OpenVPN are far more dangerous than Wireguard is, so while it might be simpler for some kinds of users to boot up an OpenVPN connection, that doesn't necessarily make it the "best solution".
OpenVPN depends on TLS and basically all the code in openssl (many lines of code, not possible to audit by one person).
In a version I used, after TLS handshake it used a custom bulk data protocol and defaulted to blowfish for the crypto (these defaults might have changed since).
It runs in userspace so the speed is not good.
IPSec has better performance because it runs in the kernel, but the protocol is bad and the amount of code in the kernel is enormous, as much as all of openssl, and this cannot be audited by a single person.
Wireguard has good performance, has only ~4000 lines of code that need to be audited (designed to be audited by a single person) and uses very modern crypto.
It's pretty terrible advice for anyone who isn't running Linux on their endpoints, or non-technical users accustom to an openvpn-as or other web-bootstrapped vpn client.
While admittedly it's been a few months since I tried out the Golang userland client on OSX, the last time I did, it suffered from strange latency spikes and packet loss. I've only had luck with the Linux kernel implementation. (Which works swimmingly on my Linux and Android (self-maintained Lineage build) devices.
Wireguard is a great VPN protocol. At this point in time it is a lousy VPN solution for all but the most basic uses. Given time the necessary infrastructure to make it a great VPN solution will develop.
What's a common-case VPN problem, the kind that (say) 3 out of 5 company or personal VPN users would have, that aren't well addressed by Wireguard, other than lack of Windows support?
My two cents... (with my only experience being installing Wireguard on a RPi to get a VPN connection back to my home).
I think the biggest problem is the lack of a simple GUI process to manage the connection.
I have scripts setup to run `wg-quick up` or down hanging out in my menubar (Mac), but that's not something that I'd expect everyone to be able to do or setup themselves. However, a "Enterprise" managed environment might be able to come up with something that works. This is something that the community could fix independently.
However, (at least for Macs) the install process requires installing Homebrew, installing a package at the command line, editing a config file with strange keys, etc... This could all be GUI-fied and made less intimidating.
But, the other (probably bigger) thing for corporate use is having a company behind the protocol to be able to buy products, support contracts, etc... I mean, a company isn't going to switch from an SSL VPN to Wireguard if you can't have an outside entity to sue if things go wrong. This is something that will just take time to build up the comfort and scale.
Wireguard is great, but is not supported on many devices, and does not auto provision configuration files for all your devices. Please look into algo, it really is the best solution for 99% of people.