Jump to content

Any way to have an 'external' VPN? What is best way to travel overseas with work computer?

MrMitty
By MrMitty
in Networking
 Share
Posted

I have a friend who is entertaining a job offer as a data analyst. The job is remote but he has to stay in the US. Is there a way to spoof the location to the US without downloading any software on the computer? For example, is there a device that he can connect with from Spain or Italy that would make it look like he's in the US?

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

You can set up the router to connect through the VPN instead, with nothing on the PC at all.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
2 minutes ago, tkitch said:

You can set up the router to connect through the VPN instead, with nothing on the PC at all.


Would anyone working in IT know that he is doing this? 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

the laptop would have no idea.

 

The VPN Exit IP, however, could possibly be known?  Depends on how much checking they do.

 

Kinda like how Netflix won't let you connect from known VPN IPs.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
1 minute ago, tkitch said:

the laptop would have no idea.

 

The VPN Exit IP, however, could possibly be known?  Depends on how much checking they do.

 

Kinda like how Netflix won't let you connect from known VPN IPs.


The company requires use of a secure VPN to access their shared drives. For example, Outlook, Teams, OneDrive, etc. is only available through the VPN. 

So, there will be a VPN over a VPN. Will that be an issue? 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
21 minutes ago, MrMitty said:

The job is remote but he has to stay in the US.

Usually there are legal/NatSec reasons for this requirement. Please don't recommend this to your friend if will get them in deep trouble.

Main System (Byarlant): Ryzen 7 5800X | Asus B550-Creator ProArt | EK 240mm Basic AIO | 16GB G.Skill DDR4 3200MT/s CAS-14 | XFX Speedster SWFT 210 RX 6600 | Samsung 990 PRO 2TB / Samsung 960 PRO 512GB / 4× Crucial MX500 2TB (RAID-0) | Corsair RM750X | a 10G NIC (pending) | Inateck USB 3.0 Card | Hyte Y60 Case | Dell U3415W Monitor | Keychron K4 Brown (white backlight)

 

Laptop (Narrative): Lenovo Flex 5 81X20005US | Ryzen 5 4500U | 16GB RAM (soldered) | Vega 6 Graphics | SKHynix P31 1TB NVMe SSD | Intel AX200 Wifi (all-around awesome machine)

 

Proxmox Server (Veda): Ryzen 7 3800XT | AsRock Rack X470D4U | Corsair H80i v2 | 64GB Micron DDR4 ECC 3200MT/s | 4× WD 10TB / 4× Seagate 14TB Exos / 8× WD 12TB (custom external SAS enclosure) / 2× Samsung PM963a 960GB SSD | Seasonic Prime Fanless 500W | Intel X550-T2 10G NIC | LSI 9300-16i HBA | Fractal Design Node 804 Case (side panels swapped to show off drives) | VMs: TrueNAS Scale; Ubuntu Server (PiHole/PiVPN/NGINX?); Windows 10 Pro; Ubuntu Server (Apache/MySQL)


Media Center/Video Capture (Jesta Cannon): Ryzen 5 1600X | ASRock B450M Pro4 R2.0 | Noctua NH-L12S | 16GB Crucial DDR4 3200MT/s CAS-22 | EVGA GTX750Ti SC | UMIS NVMe SSD 256GB / TEAMGROUP MS30 1TB | Corsair CX450M | Viewcast Osprey 260e Video Capture | Mellanox ConnectX-2 10G NIC | LG UH12NS30 BD-ROM | Silverstone Sugo SG-11 Case | Sony XR65A80K

 

Camera: Sony ɑ7II w/ Meike Grip | Sony SEL24240 | Samyang 35mm ƒ/2.8 | Sony SEL50F18F | Sony SEL2870 (kit lens) | PNY Elite Perfomance 512GB SDXC card

 

Network:

Spoiler 
                           ┌─────────────── Office/Rack ────────────────────────────────────────────────────────────────────────────┐
Google Fiber Webpass ────── UniFi Security Gateway ─── UniFi Switch 8-60W ─┬─ UniFi Switch Flex XG ═╦═ Veda (Proxmox Virtual Switch)
(500Mbps↑/500Mbps↓)                             UniFi CloudKey Gen2 (PoE) ─┴─ Veda (IPMI)           ╠═ Veda-NAS (HW Passthrough NIC)
╔═══════════════════════════════════════════════════════════════════════════════════════════════════╩═ Narrative (Asus USB 2.5G NIC)
║ ┌────── Closet ──────┐   ┌─────────────── Bedroom ──────────────────────────────────────────────────────┐
╚═ UniFi Switch Flex XG ═╤═ UniFi Switch Flex XG ═╦═ Byarlant
   (PoE)                 │                        ╠═ Narrative (Cable Matters USB-PD 2.5G Ethernet Dongle)
                         │                        ╚═ Jesta Cannon*
                         │ ┌─────────────── Media Center ──────────────────────────────────┐
Notes:                   └─ UniFi Switch 8 ─────────┬─ UniFi Access Point nanoHD (PoE)
═══ is Multi-Gigabit                                ├─ Sony Playstation 4 
─── is Gigabit                                      ├─ Pioneer VSX-S520
* = cable passed to Bedroom from Media Center       ├─ Sony XR65A80K (Google TV)
** = cable passed from Media Center to Bedroom      └─ Work Laptop** (Startech USB-PD Dock)

Retired/Other:

Spoiler

Laptop (Rozen-Zulu): Sony VAIO VPCF13WFX | Core i7-740QM | 8GB Patriot DDR3 | GT 425M | Samsung 850EVO 250GB SSD | Blu-ray Drive | Intel 7260 Wifi (lived a good life, retired with honor)

Testbed/Old Desktop (Kshatriya): Xeon X5470 @ 4.0GHz | ZALMAN CNPS9500 | Gigabyte EP45-UD3L | 8GB Nanya DDR2 400MHz | XFX HD6870 DD | OCZ Vertex 3 Max-IOPS 120GB | Corsair CX430M | HooToo USB 3.0 PCIe Card | Osprey 230 Video Capture | NZXT H230 Case

TrueNAS Server (La Vie en Rose): Xeon E3-1241v3 | Supermicro X10SLL-F | Corsair H60 | 32GB Micron DDR3L ECC 1600MHz | 1x Kingston 16GB SSD / Crucial MX500 500GB

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
6 minutes ago, AbydosOne said:

Usually there are legal/NatSec reasons for this requirement. Please don't recommend this to your friend if will get them in deep trouble.


It's nothing like that - he just wants to be a digital nomad. The work, as I understand it, is not related to national security. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 minutes ago, MrMitty said:


It's nothing like that - he just wants to be a digital nomad. The work, as I understand it, is not related to national security. 

Doesn't clear the legal reasons. If there's a requirement that a remote worker be in a certain country, there is most likely a hard reason for it. Legal, taxes, something of that sort. 

Intel HEDT and Server platform enthusiasts: Intel HEDT Xeon/i7 Megathread 

 

Main PC 

CPU: i9 7980XE @4.5GHz/1.22v/-2 AVX offset 

Cooler: EKWB Supremacy Block - custom loop w/360mm +280mm rads 

Motherboard: EVGA X299 Dark 

RAM:4x8GB HyperX Predator DDR4 @3200Mhz CL16 

GPU: Nvidia FE 2060 Super/Corsair HydroX 2070 FE block 

Storage:  1TB MP34 + 1TB 970 Evo + 500GB Atom30 + 250GB 960 Evo 

Optical Drives: LG WH14NS40 

PSU: EVGA 1600W T2 

Case & Fans: Corsair 750D Airflow - 3x Noctua iPPC NF-F12 + 4x Noctua iPPC NF-A14 PWM 

OS: Windows 11

 

Display: LG 27UK650-W (4K 60Hz IPS panel)

Mouse: EVGA X17

Keyboard: Corsair K55 RGB

 

Mobile/Work Devices: 2020 M1 MacBook Air (work computer) - iPhone 13 Pro Max - Apple Watch S3

 

Other Misc Devices: iPod Video (Gen 5.5E, 128GB SD card swap, running Rockbox), Nintendo Switch

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
16 minutes ago, MrMitty said:

So, there will be a VPN over a VPN. Will that be an issue? 

Not necessarily, but it could become an issue, some tools may not work, depending on what's accessed over the Corp VPN.. there could be noticeable delay/drops in voice/video.

 

Overall it's a pretty bad idea, IT in the company can easily find the laptop, they have backdoor access with admin rights, and some laptops have GPS receivers which is really difficult to spoof. The ones that don't, can approximate location using WiFi...

 

But if you do try it, the VPN public IP should be something unknown, ideally it should be set up at home in US, or family/friends, so that IP can at least show something close to believable. Any public VPN IP can be easily looked up online. IT will know right away. Even then, running Corp VPN inside another VPN, which is going overseas... man if IT looks they will find out in 5 minutes. Your friend may be facing some difficult questions from the boss. There are legal reasons sometimes that remote work must be done inside the country, some sensitive customer data cannot cross borders, due to legal requirements.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

-Thread Locked-

 

We can't help you on this one. If the employer wants their employees in a specific country, it's best to abide by their rules.

Quote or tag me( @Crunchy Dragon) if you want me to see your reply

If a post solved your problem/answered your question, please consider marking it as "solved"

Community Standards // Join Floatplane!

Link to comment
Share on other sites
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing Networking

×