Apologies for the late reply!
If you’re still looking for a replacement VPN solution, I can make some suggestions…
Cisco ASA, Juniper/Pulse SA, Fortinet Fortigate, F5 Big IP, and PaloAlto are the big ones we see, with Cisco and Juniper/Pulse as the most popular.
We have native support for Cisco/Juniper in the Duo cloud service. Any other VPN type needs to send RADIUS requests to an on-premises Duo Authentication Proxy.
The first four VPN types I mentioned support the interactive web Duo Prompt for web VPN login. Of those, F5 supports it in their thick client too while the others just do an automatic push request to the user’s phone.
I personally like Cisco and Juniper for relative ease of deployment and the ability to chain primary and secondary authenticators. F5 also does chaining but is a little more difficult to set up. It’s quite full-featured once you have it working.
I hope this helps!