I'm assuming that Android has built-in support for IPSEC and PPTP. IPSEC or PPTP would require something like OpenSWAN or PopTop, respectively, running on your router to provide the tunnel endpoint. I'm not sure how "open" your model Netgear is and if packages exist to install.

OpenVPN is SSL-based, L3 not L2, and partially proprietary with respect to enhancements and protocol. Most of the router firmware ship with it because it was the package included with OpenWRT, which several router platforms are based off of.

I've run the ovpn client before and it does OK. On Apple devices it integrates with the VPN settings so you can enable / disable from the slider in settings so long as you store credentials in the ovpn app.

Good luck

ETA: I would highly recommend that if you do set up OpenVPN that you investigate its external AuthN abilities to authenticate against a Radius or similar AAA server, ideally not storing those credentials in the app, and use the feature "push" to propagate those settings to all clients. Even flat-file password hashes provide an extra layer of trust.

If you simply use key file or device-level authentication (as is default), then you run the risk of anyone that obtains your phone having access to the tunnel and potentially your private network. Yes, the certificate can be revoked, but if your device is secretly cloned, you may not know you've been compromised until it's too late.

Thanks... Android has those built in for support. Oddly and depending where openvpn is being configured, files are different for Windows vs Iphone vs. Android. Android only needs one file while Windows and Iphones require multiple files. I believe one of them was a certificate file.

Actually, you can embed the certificates directly into the .ovpn files in different sections from the configuration declaratives.

This format works across all of their clients.

Windows in particular might have an issue with this due to OpenSSL behavior looking for key files on NTFS.

On Apple devices I usually just email the .ovpn file with the keys embedded and it opens in the client.