I spent (on and off) a few weeks setting up self-hosted deployment to evaluate the VPN for workplace. After setting it up (personal server) and few days of testing all of the functionality I learned that v0.22.0 removed TURN on behalf of a paid feature called failovers, which in turn disabled the very basic functionality of peers talking to each other from behind NAT.

This move eroded the little trust (after numerous code fixes required for AzureAD authentication to work) I had in Netmaker and discarded the VPN solution on behalf of the competiton.