I am in the middle of setting up Jamf Pro. Right now I am trying to figure out how I should set up the VPN. Before we had Jamf, the iOS devices had the OpenVPN Connect app. Our users have to authenticate with an 2FA RSA securid token. Our VPN server is the watchguard firewall of our company.
I will be honest: I have no clue if this is a good approach or not. So I would like to ask, how everyone else is setting up their VPN solution.
Always on VPN? WG IKEv2 or SSL? 2FA or certificate based authentication?