OpenVPN has so much more potential than is implemented here. Authentication should be tied to user certificates, not clients. There should be a way to create multiple OpenVPN servers running on different UDP ports. OpenVPN should become a virtual interface, opening up the option to use better firewall rules.
Consider how pfSense implements this.