This is pretty neat. I looked at the current limitations, though, and a lot of them are things that damage performance, or greatly limit compatibility (TCP-only, no client certs, lzo compression required, only one choice of algorithm). I expect many of these will get fixed over time.
It was originally written to work nicely with IPredator first, simply because that's our current VPN service of choice. UDP support will probably come, but it actually severely impacted performance (about 30% slower). Trying to squeeze out as much bandwidth as possible, we focused on the TCP part for now.
