Our server consists of a single VMWare ESXi server with a dozen virtual machines running various services on it. The ESXi host is in a datacenter with one single public IP address that gets some pretty good bandwidth.
The host is not directly internet facing. There's a VM inside which is running the pfSense router distro, and it essentially does NAT and routing for all of the VMs inside the server. All the other VMs are on a small virtual local area network.
I need to set up some dead-easy remote access VPN for our remote workers to access this network.
It needs to be:
1) Really easy for the end user to install the VPN software and get up and running
2) Uses Active Directory for user authentication, and groups for access control
3) Somewhat configurable with regards to what parts of the local network the remote user has access to
4) Solid and work well in a variety of non-ideal networking environments (e.g. hotel, tethered to a cell phone, etc)
We have a Windows Small Business Server 2011 VM running on this server, so a simple solution was to set up PPTP VPN, but it isn't secure. I have not been successful configuring IPSec and L2DP VPN on the SBS 2011 virtual machine.
Originally I wanted to set up the pfSense router's internal VPN services and use that, but again PPTP is insecure, I wasn't successful setting up L2DP or IPSec, and OpenVPN seems pretty complicated for the end user.
Are there any virtual appliances that provide a really easy remote-access VPN solution + a client that works reliably on Windows?
I was thinking about this:
But wondering if there's maybe some other products I might be overlooking?
Commercial is okay so long as it's a relatively small one-time licensing cost.