During my career i have been able to deploy a number of VPN configurations to help support a corporate environment.
I was able to deploy Remote Access VPN services using Cisco VPN3000’s and then later Cisco ASA (eg. 5515X, 5525, 5585 models) to suit the requirements of the corporate environment. I was also able to utilize ASA’s to do Site-to-Site VPN to allow sharing sensitive corporate and medical information between organizations while maintaining security of both the corporate environments.
I have experience with software VPN products such as OpenVPN. OpenVPN was an excellent solution for out of band connectivity as there is good hardware and OS support. I used it to get OpenGear terminals to connect to a cloud VPS running OpenVPN for accessing terminals when a network disaster happens. I have established CA’s when using OpenVPN for certificate based authentication of users and terminals.