Bypass Deep Packet Inspection

[MaroonLance]

I have an issue with my network where I’m limited to 7 MAC addresses (each MAC address is assigned a static IP address). I tried just using a cheap Tplink Router/WiFi AP to set up a small network so I could have more VMs. However if the network detects a router is being used, it blocks Internet to the IP address until it detects it is no longer be using as a router.

 

Changing the MAC address had no affect nor did changing the host name so I suspected the packets are being inspected for NAT. I purchased a PC Engine APU2C2 to use as a router to run pfsense on and use a vpn so the packets cannot be inspected. However I wanted to see if anyone here had any ideas as using a halves my band with bandwidth (30-40Mbps on a connection of up to 100Mbps) and make my ping quite high.

 

I currently use PIA as my vpn provider if that helps.

[Electronics Wizardy]

My guess is you want a faster pfsense box. VPNs can use a good amount cpu power, and that box seems to have a very low power cpu. Look for something with aes-ni

[MaroonLance]

Anything I can do such as changing  some settings to get some more performance? Could the PIA Servers be a bottleneck? 

 

Also I spent £170 building that pfsense box so I would rather not replace it so quickly. Especially as after I move in July I won't have this stupid MAC Address limit so a vpn tunnel won't be needed anymore. 

Edited February 24, 2018 by MaroonLance
Added 2nd Paragraph

[dalekphalm]

I mean, I'd just ask the network admin/your ISP to authorize your router. See if they will do that first.

[ewook]

Wait, your ISP does not allow a firewall/router? That's just weird. If the VM's are behind the host, it's a bit hard for it to being noticed as a separate host. But yes, easier to ask for permission to get things the way you want than being blocked for being clever I guess.

 

However, I do not see how DPI has anything to do with it, as packet inspection is simply identifying the actual data stream - not host identifying.