- Multi factor / one-time password authentication capability.
- Stronger everything security-wise: AES encryption, anything better than SHA1 IKEv2, etc...AND configurable with however I would like based on my needs, not stuck with just one way of doing it ike we currently have.
These really have to be huge requests I imagine, especially for compliance needs.
I really do hope this is already on the Meraki roadmap for their MX firmware.
Multi-factor/OTP is available using a RADIUS server from an Multifactor/OTP vendor.
AES is already being used. Unfortunately I think SHA1 is still used.
IKEv2 would be excellent to get.
I would like to be able to configure policies per VPN user, so different VPN users have different access permissions.
having MFA/OTP built in would be nice still. I come from a SonicWALL background and this feature was built into the appliances.
Strange regarding AES, as I spoke to Meraki support not long aog this week, and they state the following is used for client VPN:
Definitely could be better and why it isn't in this day in age, who knows.
I would also like to be able to assign static IP's per VPN users.
The group policies are currently assigning per IP and if the user doesn't use the VPN for about a month, the IP gets assigned to someone else and they then have the wrong access.
Though I supposed @PhilipDAth suggestion of access per user account would solve that problem too.