Guidance needed. Working from Mexico without employer finding out

My wife and I would like to join the flock of snow birds and move to Mexico for 3 months every winter. I work from home in the US for a very large Med Device manufacturer. My employer requires me to connect to a VPN and I wanted to know if there’s a setup for me to hide my geolocation from employer.

I have not asked if they’d allow me to work from Mexico yet but I want to explore all options.

I’d really appreciate any help I can get!

EDIT: Check the disclaimer at the bottom. Also, a good rule of thumb is don’t mess with security measures your company has in place. There is usually a good reason for everything!

I would assume that the company VPN logs every IP address that logs on, every URI/DNS that is sent through it, and maybe does some packet inspection. If you ever log in to the VPN from Mexico and the company checks their logs it would be pretty obvious.

Solutions:

  1. Back to back VPN (VM on rented server)
    1. Steps:
      1. Rent a VM.
      2. Make your own VPN to that server
      3. Log the server into your company VPN and forward all of your traffic through your VPN endpoint to their client.
    2. Potential problems
      1. Your company could look at the logs and see that the IP is coming from a hosting service (GCP, AWS, Azure) and that could raise some suspicion.
      2. Your original IP might be forwarded through the first VPN (inside a packet or in some requests) and be logged on the company VPN. There are ways to clean all IP addresses from traffic, but you would have to look into that more.
      3. If that server gets compromised and the company VPN gets accessed you will be in a lot of trouble.
  2. Back to Back VPN (Hosted at a friend’s house)
    1. Overview
      1. This is essentially the same as 1, but you don’t have to rent a server. You can just buy a Raspberry Pi or cheap computer, leave it connected to a router at a friend’s house or somewhere near where you live in the summer.
    2. Steps
      1. Get a static IP from the ISP
      2. Get the correct ports open on the ISP/router
      3. Get a Raspberry Pi/cheap computer instead of a VM
      4. Same steps as #1
    3. Potential Problems
      1. It can sometimes be hard to get a static IP address and the correct ports open with some ISPs. Apartment complexes are notorious for this. I tried to do something like this for myself at one point…
      2. Non-commercial internet can go down for days at a time and you might not be able to reconnect to the VPN hardware you left at the house when it comes back up.
      3. Power outage could be bad
      4. Hardware failure
      5. Same issues as #1 when it comes to purging your original IP address
  3. Something else:
    1. Can’t think of anything else off the top of my head haha. But there are probably many other ways of doing this.

I hope this kind of made sense. Let me know if it didn’t, or if anyone else has some other ideas. I know there have to be other ways of doing this other than back to back VPNs. You could also probably use a non-transparent proxy that goes to a VM/Raspberry Pi.

Disclaimer: The above post is for educational purposes only! Do not lie to your employer. Compromising their security in any way is bad. Doing anything I have outlined could have unintended consequences. The list of problems and dangers is just an example and is not exhaustive. This is not legal, technical, or any other type of advice and should not be taken as such. I am just some stranger on the internet. Any action taken after reading any of my posts is yours and yours alone. I take no responsibility for any consequences resulting from any and all action resulting from or relating to anything I have written, am writing, or (inclusive or) will write. EVER. IN MY ENTIRE LIFE

If you work from home, why would you need permission to work from elsewhere?
I also work from home and I don’t get why you feel the need to hide your travels.
But yes, you could run a VPN server at your house and bounce through it first.

You could set up a VPN server in your house, and hope it will stay working while you are away.

Otherwise, you could set up a VPN with a VPS server, and then VPN (double VPN!) from that.

Yes, it can be done. And going to Mexico for the winter is a great idea.

It’s not a VPN solution, but you can leave your computer at home and install remote control software on it. Then bring a second computer, remote to your home computer and work that way. The internet might suck in Mexico and it could be laggy. Just a thought.

I think I have a simpler solution?
Rather than use a VPN to spoof your location, just leave a computer at home on 24/7 and install LogMeIn or TeamViewer onto it.
While you are away, remote into your computer at home, and then connect to your work VPN through there.

You could opt to move to Southern AZ, snowbirds give us about a 50% population increase here in the Fall and Winter months. Cost of living is cheap (not as cheap as Mexico, sure, but still less than much of the US) and then you’d still be in the US, which would hopefully be a non-issue for your work.

Get an extra pc and host a vpn on your home wifi. Connect to that home VPN, then through that VPN connect to your work vpn

As others have said, you are working under HIPAA. HIPAA violations can and will bankrupt a company and if you are the cause, you can be held liable for damages to the company. This is your warning and disclaimer.

How to do the VPN. You’ll need to pay for business internet with guaranteed uptime. You’ll also need to get a UPS that has remote management and a firewall/gateway that has cell failover. You’ll also need a computer/server that has some remote management. All of this is going to be in your house stateside. Set up the computer and firewall/gateway. Make sure you test cell failover and connect to the remote management when it is on the cell connection. Set up your VPN server.

On your Mexico side of things, you are going to need a router/gateway that can act as a VPN client. Set up the router/gateway to VPN into your server stateside with auto disconnect if the VPN connection fails. That is how you would do it at a high level.

The reason I say pay for business internet to your house is twofold. One, you get a dedicated IP address that won’t ever change and guaranteed uptime. Two, if your company’s IT staff gets curious about your connections, the IP address they will be seeing won’t be associated with a VPS or shared hosting provider.

Set up a SOCKS5 proxy in your home country. Connect to the proxy before connecting to the VPN. That way, it looks like you’re logged on from your home country.

Install a VPN router at your home (where you will NOT be for the 3 months). A router such as an ASUS RT-AC68U will do just fine.

In that router, configure the VPN server. L2TP is the easiest to set up. Configure a dynamic DNS service hostname in the router (I forget which one ASUS supports. I think they have their own service now.)

Take another VPN enabled router (another RT-AC68U if you like) and set it up in Mexico (behind the existing router in Mexico). Configure this RT-AC68U as a L2TP VPN client and connect to your “home” router using the dynamic DNS hostname.

If you do this right, you’ll appear to be at “home” in the USA (behind the RT-AC68U in Mexico).

Edit: With this method, your IP address always appears to be within the assigned address ranges of your ISP. Other methods (such as a VPN) will show a different IP address than that of your ISP and if your employer’s IT department has any amount of smarts, they will figure out you are not connecting from your actual home.
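Seen from the employer's side, the log review that the first answer and the post above both describe (source addresses in hosting-provider ranges, addresses outside a user's usual ISP ranges) looks roughly like this. It is an added example, not part of any post in this thread; the log format, the range tables and the names `classify` and `review_logins` are assumptions, and all addresses are constructed from documentation ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed tables: RFC 5737 documentation ranges stand in for real
# hosting-provider and residential-ISP allocations (assumed, not real data).
HOSTING_RANGES = {"ExampleCloud": ipaddress.ip_network("203.0.113.0/24")}
ISP_RANGES = {"ExampleISP": ipaddress.ip_network("198.51.100.0/24")}

# Constructed VPN gateway log (assumed format): timestamp, user, source IP.
SAMPLE_LOG = """\
2024-01-08T09:01:12Z alice 198.51.100.23
2024-01-09T09:03:40Z alice 198.51.100.77
2024-01-11T09:02:31Z alice 203.0.113.50
2024-01-08T08:55:00Z bob 198.51.100.140
2024-01-09T08:57:10Z bob 192.0.2.9
"""


def classify(ip):
    """Return (kind, owner) for a source address; raises ValueError if invalid."""
    addr = ipaddress.ip_address(ip)
    for kind, table in (("hosting", HOSTING_RANGES), ("isp", ISP_RANGES)):
        for owner, net in table.items():
            if addr in net:
                return kind, owner
    return "unknown", ip  # unlisted networks are tracked per address


def review_logins(log_text):
    """Flag logins from hosting ranges or from networks outside a user's baseline."""
    baseline = defaultdict(set)  # user -> networks accepted so far
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip lines that do not match the assumed format
        ts, user, ip = fields
        try:
            origin = classify(ip)
        except ValueError:
            findings.append((ts, user, ip, "invalid-address"))
            continue
        if origin[0] == "hosting":
            findings.append((ts, user, ip, "hosting-range"))
        elif baseline[user] and origin not in baseline[user]:
            findings.append((ts, user, ip, "off-baseline"))
        else:
            baseline[user].add(origin)  # first sighting or already-known network
    return findings


if __name__ == "__main__":
    for finding in review_logins(SAMPLE_LOG):
        print(*finding)
```

Flagged logins are never added to the baseline, so an unexplained network keeps raising a finding until someone reviews it.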

You have to use the VPN in order to access your job’s network resources (network drives, servers etc.) I don’t think they would “track you” to see where the IP is coming from.

I work in IT and we have a few users that work 100% remote and this is the same speech I give them regarding VPN. We don’t check where the IP address is coming from because there’s no need. As long as the work gets done and submitted in time, it shouldn’t matter.

I am convinced there is an epidemic of stupidity sweeping the United States. 😳

I’m pretty sure that it started after millions of people saw the movie Forrest Gump.

Stupid is as stupid does.

this guy works from mexico

You don’t necessarily need a static IP. You can use dynamic DNS (where a change to the IP is pushed to DNS inside 60s or so). Or you could use ngrok or a custom server to do this.

It can sometimes be hard to get a static IP address and the correct ports open with some ISPs

ZeroTier, Nebula, Hamachi (and others) will help overcome this.

Thank you. You’re awesome. I will look into this.

Static IP absolutely not needed. Get a free dynamic DNS address.

Hey, quick question – when you say, “a lot of trouble,” what do you mean?

Also, could you explain how the workflow above compares to, say:

Using a Mexican Internet Source > buying a router > Using a VPN > Using your Company Laptop > Connecting to your company’s native VPN?

Thanks a lot!

They fired a colleague of mine for working from Sweden. I’m assuming because my employer holds a lot of confidential data (R&D, patents, etc) and HIPAA patient info on their servers that they can’t risk being exposed. And yeah, I’m going to ask first but this is plan B.