Can my company tell if I'm routing traffic through a private VPN server back home?

VPN
1

Long story short, my company has a major stick up its butt about working remotely from areas not nearby. Since we have to login to the company VPN to work remotely, it’s pretty easy for them to tell where we are. What I’m hoping to do is route all my traffic through a VPN server I’ve setup in my apartment, so that even when I’m away it looks like I’m nearby.

My concern is that, to my understanding, VPN protocols (in my case L2TP/IPsec) leave behind cryptography signatures that can be used to tell the traffic is coming from a VPN server. What I’m confused by is how the unencrypted traffic leaving the VPN server can be analyzed to tell it was previously encrypted. Will these ‘cryptography signatures,’ or something like the port the traffic is coming from, be enough for my company (a large tech company with lots of resources devoted to security) to know my traffic is coming from a VPN server? (Forgive me if this is a naive question, this is my first time doing anything involving a VPN.)

I can’t install any software on my work computer, so to connect to the VPN server I share my personal laptops internet connection with my work computer while my personal laptop is configured to route all traffic to the VPN server. (I’ve also got a killswitch setup so if the VPN connection drops, my work computer disconnects.) I then log into the company VPN on my work computer. Will this setup allow me to effectively VPN through a VPN without giving away my location/VPN usage?

Currently I’m using Softether on the VPN server, but I don’t think I’ve set it up to use HTTPS to establish the VPN connection. From what I’ve read that might be the ideal approach, since HTTPS traffic doesn’t give away the usage of VPN.

***Update***

I’m planning on using openVPN with stunnel instead of softether, since this will mask my VPN connection as standard SSL traffic. This may be unnecessary, but I think it’s a good precaution to take.

My remaining concern is with the software they have installed on my work computer. Assuming they can see everything, will they see the original IP address of the laptop I’m sharing my connection from?

2

Your company will only know you are using a vpn based on the public IP address you present as when you connect to the corporate vpn. It’s unlikely they will find out unless they specifically look your IP up.

It’s probably against your ITS policy so expect a painful conversation/termination if a someone finds out your overseas but still connecting remotely.

3

Might not be an option, but can you not leave your work device at home, and RDP to it (maybe hopping via your server at home)? Then establish your VPN connection from there?

4

Won’t the public IP address I present when I connect be the IP address of my VPN server?

5

In order to remote desktop into my work computer I have to connect through the company VPN. Connecting to the VPN then remote desktoping to my work computer may be a better option since I don’t have to worry about company software on the work computer monitoring my connection, but I’m still left with the challenge of connecting to the VPN.

6

Yes but don’t do it.

7

Why not, too risky? I’m only planning to use it for a few days at a time, not an extended period.

8

Out of curiosity how did it go lol

9

Never tried it, too risky :confused: