Most VPN companies also just offer OpenVPN configs for download. Not doing that is imho a great indicator their client might be doing a bit more then it should.
It should be noted, that for some of the providers, the OpenVPN configs they provide and their clients actually do different things.
The ones I've dug into do seem to all setup VPN networks with their clients, but some of them do something extra to special case some major media services. You'll see little oddities, like the webpage for disneyplus.com being routed through some special IP, no doubt to work around a block, which the content CDN requests are left to load through the normal VPN connection. The OpenVPN config file does none of this.
On top of this, how they get these IPs that are unblocked, is ... questionable.
Agreed, it’s really dubious how hard ExpressVPN, ProtonVPN, and others are pushing their closed source binary clients. They are not just a convenience wrapper to download config files, there seems to be something more involved. The paranoid in me wonders if it’s some sort of phone-home mechanism so they can identify you if needed or if they are trying to inject ads at layer 4. It really stands out compared to the VPNs that invite you to download and review all of their client and server config files.
I can understand that a couple hours of support can really eat into the margins - but in the same breath the vast majority of users are down to just download the binary client and be on their way - it’s only a small percentage that want to do things low level and we probably aren’t going to need help from support beyond downloading the configs if they are hidden on the website.
Expressvpn actually has the openvpn file as well on their website (for devices their client doesnt support). Although using the IP (instead of the url) in it lead to problems for me since it switched regularly in the subnet. So every few weeks i had to update the file as well as my IpFire config.
In all fairness they also do some reasonable stuff with the client, like blocking your internet connection if you get disconnected from the VPN. But yes, didnt use the client either.
