Thats an interesting problem to think about, however a few issues that could cause headaches.
If you are setting yourself up as 'The Server' on a VPN'd network, are all the OS' homogeneous or hetergeneous?
Assuming a mix of MS, Apple, and Linux just to make it difficult, you're going to need to get multiple different backup clients. Unless someone out there has a cross-platform one.
You have to assume at some point, someone if going to get pwned. What happens when a compromised client connects, assuming a chron job and its not always connected to the 'LAN', and the malware starts poking the network share, or scanning your ports?
Not a sysadmin, however for something like this I think my first blush thoughts would be to set-up OpenBSD as the server, and give all the clients an individual specific window (0000-0100, 0200-0300, etc) to connect and back-up to their individual private share?
Get the firewall locked down solid, and then figure out what you server's own back-up and back-up testing plan is.
Oddly enough, my IT calls from family and friends has pretty much been quiet the past several years.
I think most everyone is really just using their phones now, and their desktops are just dusttops now.