Is is possible to set up a Linux + OpenVZ solution with one VE for a pptp client and another VE for a vpnc client?
What tips might you have?
What gotchas have hit you before?
Obviously I'm not (yet) tied to OpenVZ or either of the vpn clients I mentioned.
Background
Recently I asked several questions about various Linux equivalent solutions for several popular Windows-based vpn clients. This was driven by me migrating my workstation to Linux shortly and needing to still be able to connect to several different clients using up to 3 different vpn clients (windows, cisco, and symantec).
Several of my co-workers connect to these clients as well. We've occasionally had troubles in the past with having several of us connected to a given client at the same time.
After much thinking and reading on this site and others I've reached the conclusion that it would be desirable to have a dedicated "vpn client" machine through which we could all route traffic to desired customers.
My approach is to build a fairly lightweight Linux machine (might even be a virtual machine) that uses kernel virtualization such as OpenVE to create a separate VE for each client connection. With the right routing setup we could then maintain a separate, independent connection to each client as needed and have any number of us using those connections.
We aren't yet facing address conflicts with the different networks we're connecting to but that could yet arise. My guess is that we could NAT our way around that.
So, am I nuts or can this work?
I can see no reason why this won't work. Our office router/firewall is a xen VM running on top of a server that has no outside interface configured. Our router VM has a number of VPN tunnels and routing configured.