Solution benefits

EFFICIENCY

drake-yes-img

We can utilize light weight jump hosts (VMs) as SSH tunnels and SOCKS5 proxies, allowing us to use our familiar, locally installed toolsets...

Browser, including bookmarks and extensions/plugins for password vaults.
Preferred SSH client, including session configurations, allowing us to store session log files locally.

Additionally this helps us avoid loss of configuration or data in an event where an explicit "Client VM" may become corrupt, and prevents us from having to work through oddball methods to copy files; e.g., logs, firmware, etc.

Finally, this reducess the risk of our laptop network stack getting 'wonkified' by multiple competing VPN clients.

Caveat

This solution is not viable for client VPNs that do not permit split-tunneling or honor our persistent, low-metric, static routes.