I’ve installed Guacamole on my Nethserver. Was thinking of adding Guacamole to my Nextcloud as an external app. This would provide an extra layer of protection for login if someone tries to get into our network from outside. They would have to login first to Nextcloud and then Guacamole second.
But another option is to allow direct outside access to Guacamole Server from WAN and use fail2ban as my added protection. How should I implement this? I see reference to fail2ban directly in Guacamole or fail2ban installed as a module on Nethsever. Which one should I use?