by guyromm 2552 days ago
A client that I'm consulting was being ripped off by a local IT provider with pricing for on-premises servers & MS software. I proceeded to rent cheaper equivalent machines off-site. The IT provider claimed the hardware firewall (Fortigate) was not configurable for site-to-site to the new machines directly (could be, not an expert on those). Therefore, I ended up purchasing several Raspberries and configuring them as OpenVPN routers that opened up the office LAN to said machines. Quite satisfying, as it allowed me to break the client out of the proprietary software/hardware/vendor chain at a rather small expense.
2 comments

Fortigate is pretty configurable. I’d be really surprised if it couldn’t do site to site or site to client with a little configuration.
You can absolutely configure IPSec tunnels on Fortinet.

Can I ask, do you perform updates and maintenance on these boxes? How do they perform in terms of throughput with openvpn?

I'd be more interested if wireguard is an option, and how it performs. Since they're already on linux/oss.
IPSec is pretty much the standard interop still - pretty much everything talks it: Cisco, Juniper, pfSense, Fortinet, etc. You name it, I’d be surprised if it didn’t have support.

I’d love to see wireguard implemented in the networking world, but I think it may take some time to get there :/