Is this regarding server or client implementation? Are the client implementations of major operating systems (eg. Windows, Mac, iOS, Android) secure?
Regarding security: I had to reduce cipher strength to allow Windows client without further configuration. I'm using aes128-sha1-prfsha1-modp1024 which IMO should be relatively secure for home usage, but it's not very secure against governments. It's possible to use stronger ciphers, but you need to use some registry changes or powershell snippets for that, and I wanted to keep configuration to GUI dialogs. I have no idea why Windows by default does not accept strong ciphers.