vpn that only accepts certs (no username/password) is easy peasy, tho.
i’m selling the advice man, not the implementation.
Yeah, but someone has to update and maintain the VM. I wouldn’t trust smaller orgs with tasks like that, tbh.
If they’re considering to use consumer vpn tools for enterprise needs, I wouldn’t trust them to patch and maintain a linux vm religiously.
The knowledge is more expensive than the implementation.
An advice is not the knowledge.