This advisory addresses best practices for managing multiple shared VPN clients in a small consulting environment. The primary challenge is ensuring that various incompatible or conflicting VPN clients can be used simultaneously without system conflicts. In the current setup, separate physical PCs are utilized for each different type of client (e.g., Sophos, Forti, Cisco), which introduces inefficiencies and logistical challenges. A more scalable solution involves using a Proxmox host to run multiple Windows VMs, each dedicated to one specific VPN client. This approach mitigates conflicts by isolating the clients within their own virtual environments, accessible via RDP through Guacamole. Engineers and system administrators should consider this setup for its improved efficiency and reduced risk of client interference.
- Sophos UTM
- FortiClient
- Cisco AnyConnect
- OpenVPN
- Install Proxmox VE on a server, ensuring it meets the hardware requirements for multiple Windows VMs (e.g., 8GB RAM per VM).
- Create virtual machines in Proxmox with sufficient resources and install the required operating system (Windows 10/11) on each.
- On each VM, install one type of VPN client and configure it as necessary for the specific customer environment.
- Set up Guacamole to allow RDP access to these VMs from a browser interface.
The impact on homelab stacks is minimal since this setup primarily concerns enterprise-level configurations. However, enthusiasts or small businesses using multiple incompatible software clients could benefit from similar virtualized environments for testing and development purposes.