We’re a consultant business and have a need to connect to many different customers throughout the day. Up until now, we’ve insisted on only using Cisco AnyConnect, the older Cisco VPN Client or remote desktop to connect to customers.
This is starting to become an issue, as Fortinet and others are being rolled out as replacements for older ASA hardware.
Have anyone experienced issues with having multiple VPN clients on the same PC?
Not a direct answer to your question, but would a SDP/ZTNA solution work for you instead? Provide access rights to whatever resource based on a profile in your IDP, clientless. Boom.
It all depends on how the vpn software is designed. Even two customers using the same vpn can cause issues if their installer does not allow to modify connections (which you need to connect to the other customer).
You could look into the built-in vpn connections in windows, that might work better.
Assuming these are Windows VMs, it might require Software Assurance and/or VDI licensing from Microsoft to be legal. It’s not what we think of as VDI but I just googled and found “remote or local use of a Windows 10 in a VM”.
I was assuming the issue is that OP’s company doesn’t have control over what remote access methods are made available by those clients. I have clients like that.
Yeah, it’s a bit much for the use case I think. The VPNs are fine, I’m just trying to figure out what kind of hornets nest I’m sticking my hand into by installing all the clients.
That’s exactly it, yes. We have no say in how the connections are actually configured, unless they result in a scenario that for some reason won’t work for us.
Maybe a decade ago it was absolutely the case that two VPN clients would blue-screen a PC in no time. I don’t know if they were jockeying for NDIS placement or hooking syscalls, but whatever it was seems to have gone away in more recent versions of Windows.
So there are probably old wives tales floating around, but I don’t think it’s a thing anymore. I have an ops station with Cisco, Sonicwall, Shrewsoft, and OpenVPN all happily running.
The real biatch is full tunnel - as soon as you connect, your email/documentation/shares/printer/soft-phone all go offline. I just run a separate ops station next to my daily driver, but a VM could work as good.
The policy about only supporting Cisco is an old one, which I’m going to challenge, but I couldn’t really find anything about mixing VPN clients in my research. Guess I’ll try it on a few and see how it goes.
Full/force tunnel is annoying yes, but we can live with that. Bluescreens not so much
I forgot about this - check out NCP. It’s supposed to work with a lot of different providers. I haven’t used it but I’ve had coworkers that swear by it.