Not quite sure what you mean by 'client/server', but I assume you mean that it's not just a two machine tunnel (i.e. you want many clients connecting to one server). If so, then give OpenVPN a look.
AFAIK there's no web interface to it and the client software needs installing on all machines that will use it, but it's relatively easy to set up, and very flexible. Perfect for a small number of users connecting to your home machine. It works on both Linux and Windows, and is much easier than a full blown IPSEC VPN. Plus it handles stuff like NAT and proxy servers fairly well.
I don't personally know of any web based systems (well open source anyway). Perhaps someone else will. I'm always a little suspicious of such interfaces though. My problem (whether justified or not) is that potentially anyone can connect to it. And since users are required to log into a web form, the password has to be remembered, and therefore not all that great (certainly less good than the public key encryption available with openvpn).
Of course, it may be that the citrix system uses secure tokens etc, which is a good thing, and my fears could be entirely unjustified. Just my prejudices really.
Also, (and I know this is just investigation), but do you really want users to be able to connect from anywhere. I know this is a supposed selling point of these web based SSL VPNs, but it has some pretty serious security implications. Even with a secure token and ultra strong password, a user could (and trust me, someone would) visit the local internet cafe and log in to your VPN on a virus infested Windows box. It doesn't matter how good the password is, or that the Citrix App is 'secure' and bug free. An attacker just got a free pass to your network. I would personally prefer to have a least some control over which machines are connecting to a network.
Wow, I've gone completely OT....
Give OpenVPN a try