Is it standard for a VPN to be a physical machine?
I created a software VPN VM inside an ESXi host, and it's working neat, but I sometimes run into rare situations where I need to turn off all VMs and work on the ESXi host.
And of course, if the VM is turned off, I can no longer VPN in using my client.
What happens is that I then have to rely on a (pre-configured) port forward directly, and not the VPN, to connect to the host. I wonder if it's standard for a VPN to be created at the machine level, and not the virtualized level.
Like dedicating a small machine just for that. I am eyeing the AMD AM1 platform, because I don't think I will need amazing CPU or disk I/O speeds, and would invest only in good NIC cards.
Does that make any sense, and do you do the same?
I know I can do the VPN at the network device level, like a modem/router, but those are expensive; going for my alternative would be cheaper, correct?
It is common either way; neither is a standard. VPN on a router is not expensive, though. Any decent router will have a VPN option, and there is never really a time that you would want to use less than a $50 router for a business, and by that price you have great VPN options.
The main thing to consider is security and availability. Both solutions can provide them effectively if done properly.
Security is a standard no matter what, but availability is determined by usage. If nobody uses the VPN, it will be relatively easy to maintain its availability. You will know the requirements of that aspect better than us.
Lots of ways to provide availability, and even high availability if needed.
Also lots of things to consider to make sure it's as secure as you are able to make it.