The company I work for has needed some changes to the VPN solution we have been using for our “road warrior” and remote users. After experimenting with a few different packages we have adopted OpenVPN.
Its simple to setup (once you have wrestled iptables into submission) and can be configured to authenticate via x509 certificates. I was particularly impressed that under Linux 2.6.x it needs no kernel modules/modifications which we found painful with freeswan as every kernel release meant a new compile cycle.