InfOE•8mo ago
rich-copper

Hey guys, I currently connect to a VPN to acces...

Hey guys, I currently connect to a VPN to access work stuff. The VPN we use is a 3rd party (Big IP Client or something like that). My company allows people to go out of the country internationally if needed (not usually allowed) and we also have some offices internationally. I want to travel internationally but also work. I've already been doing it for some time. If it's a 3rd party VPN we use, does my company have the access to check those logs? They give us a list of countries we CAN'T go to, so as long as you're not there, the VPN will work. How possible is it to connect to a VPN before connecting to the VPN? Is this a viable solution to be 100% safe?
9 Replies
Needle•8mo ago
Thread automatically created by bobsauce_ in #🤔|questions
vicious-gold•8mo ago
> If it's a 3rd party VPN we use, does my company have the access to check those logs?
VPNs emit logs, and many companies keep them for auditing purposes, even having rules on the infosec side.
> How possible is it to connect to a VPN before connecting to the VPN?
On your work computer? Your VPN source IP will flag the source IP as coming from a VPN source, which is a common rule already built in for at least a decade now. You'd want a travel router for your specific use case.
inland-turquoise•8mo ago
Could you explain how the VPN differs from something like a travel router? I'm not sure I understand how it works
vicious-gold•8mo ago
Your company has certified your work laptop (through SSL certs, or something similar) to authenticate against a VPN server that their they of BigIP owns, and using Big IP as the client to serve as the transportation application between the client and your corporate network. And so, they have full control on what goes in, and what goes out, within that boundary. AKA, you log in from Starbucks, they have telemetry you came from Starbucks; you log in from the Ukraine, they have telemetry that you came from Ukraine.
A travel router, on the other hand, is a physical device that has a VPN client inside of it, authenticating to a VPN server that you own at home in the US, usually through a protocol like WireGuard. So the travel router bridges where you are, with the internet connection from wherever you are, and "skips" the source WAN IP coming from your hotel or Airbnb internet and "behaves" as if you're at home; from the perspective of your laptop, they "think" you're at home.
inland-turquoise•8mo ago
So you need two routers? One at home and one with you, is that correct?
vicious-gold•8mo ago
The one at home is your WireGuard router that supports OpenVPN, yes. If your current router allows you to configure OpenVPN, yeah, that'll work too.
inland-turquoise•8mo ago
Ah hmm, and the difference from having a router and running OpenVPN on some EC2 instance is the fact that somehow they know that the IP is from some AWS server? Or that there's just some way that they're able to distinguish it ^
vicious-gold•8mo ago
I mean, AWS subnets are known, so your call if you know your infosec catches that.
inland-turquoise•8mo ago
Ah you're right