My company is starting to limit remote work, and one of the things they’re focusing on is that people must work from their actual home. For some reason, they seem to think that work from home means being in your own house. Apparently, the higher-ups are having IT check people’s IP addresses for anything suspicious.
We’re planning a visit to my family’s place in Florida for the winter, hoping to stay there for a couple of months to escape the cold.
Is there a way for me to set up my home as a VPN home base and route all internet traffic from Florida through my home network? My work laptop is locked down, and we can’t install a VPN client on it. We want all internet traffic from my folks’ place in Florida to go through my home, so it looks like my work laptop is connecting from home instead.
Is this something I can do? How would I set it up?
Yes, I do this myself to avoid paying for extra Netflix users. It’s pretty common for companies to set this up.
It all depends on what model your home router is, as you may need additional hardware if your router doesn’t support a site-to-site VPN. You could use a PC to host a VPN server at home, or buy a new router if your existing one can’t handle it.
I recommend using WireGuard for the VPN because it’s much faster than OpenVPN. Also, set up the Florida router to route the work laptop via the VPN to avoid slowing down all the traffic unnecessarily.
Gi.net offers cheap routers you can buy to set up as your VPN client router for your work PC if you don’t have a site-to-site capable router in Florida.
Don’t try to use a client on your work PC since you can’t install anything anyway. That would alert IT that you’re using VPN software. Setting up a site-to-site VPN with routers means your PC won’t even know it’s on a VPN.
Davin said: @Niko
I use a GL.iNet travel router when I’m away. I highly recommend it.
Those routers are great. Not just for travel. I use them for DIY projects. They are the cheapest OpenWRT routers that actually work well. While not the most powerful, they are super functional. It makes me frustrated with those expensive routers that come with poor firmware that can’t even set up a bridge.
@Leif
Yeah, most hotel Wi-Fi is terrible anyways. So, this offsets the hardware performance of those travel routers. I like to connect my travel router to the hotel’s Ethernet if I can and then use its Wi-Fi for my devices. This way, I get better performance instead of relying on a Wi-Fi repeater.
@Wylder
Is it just me, or is Ethernet becoming harder to find? The last three hotels I stayed in had wired connections, but every port and cable was dead.
Kumi said: @Wylder
Is it just me, or is Ethernet becoming harder to find? The last three hotels I stayed in had wired connections, but every port and cable was dead.
Yeah, since Wi-Fi is considered good enough, hotels won’t bother installing new Ethernet or maintaining existing wiring if it breaks. It’s frustrating since I love hooking up my travel router.
@Tamsin
Besides speed, I often struggle with captive portals over Wi-Fi. I can usually get things going, but it often takes 20 minutes of fiddling instead of a couple of clicks. I’ve thought about just setting up a custom Linux router to manage Wi-Fi and deal with captive portals through a browser directly on the device, but since I only travel a couple of times a year, I haven’t done it yet.
@Tamsin
I think that’s what I’ve done every time… I need a cheat sheet since I’m usually in a rush or tired when I get to the hotel, and I forget the process each time because I don’t travel often. But now I can check my history if I forget to write it down, so thanks!
I love this discussion, and I’m looking for this solution right now. I can’t install anything on my work laptop and I need to change locations. I tried using an ASUS router at my home and created a VPN tunnel to ExpressVPN’s OpenVPN servers, which I had a subscription for, but the speed is really slow (sometimes around 5Mbps).
I’m now planning to set up two routers: one (Router 1) at my base location as a server, and Router 2 at my current location. I need to create a WireGuard VPN on Router 1 and connect Router 2 as its client.
Can anyone provide detailed instructions on how to do this?
@Elliot
There are a few ways to accomplish this, but it all depends on the router hardware you plan to use and your budget.
If you plan to get custom routers or convert a PC into a router, you could use PfSense, OPNSense, or OpenWRT software. There are several tutorials available for creating site-to-site VPN tunnels using these options.
If you plan to buy a router, I recommend something that supports WireGuard. I still stand by Gi.net as a good choice.
You mentioned having an ASUS router; some people have managed to change their firmware to Asuswrt-Merlin. My old ASUS couldn’t support WireGuard even with Asuswrt-Merlin, but mine is over a decade old and no longer supported. You might be lucky and find yours works for this if it’s newer. Having an ASUS router on one end and something else on the other is fine, as long as both support WireGuard. But your far-side router (the one at your current location) will benefit from being a more capable device.
Your question is a bit like asking how to build a house without considering local conditions, materials available, etc.
If you provide more details about the hardware you have or what your budget is, I can look for suggestions for you, but please be realistic.
I created the accounts and got the OVPN file as required.
On my current location (India): I have an ASUS AC1900 RT AC68U.
This router only needs to have a VPN client.
I followed the steps to add the VPN client. For OpenVPN, it needs the OVPN file I exported and the username and password.
For PPTP, it needs the server name and credentials I created.
However, it is not getting activated. There’s no error, but I don’t get the “activated” checkmark I used to see with ExpressVPN (using the files I downloaded from my account).
I’m unsure if I’m making mistakes or need to buy any services from a third party to activate it. If I need a different router for the client, I can purchase one. I’m not overly concerned about the budget but need reliable speed for my regular work. I’ll be in India for the next two years and want this to run smoothly.
Note: I’m not using WireGuard at the moment but can give it a try if you tell me how.
@Elliot
I’m glad to assist, but expect a few back-and-forth messages to confirm some details.
So, you’ve identified what needs to be the server and what needs to be the client. I’ve never used PPTP on ASUS, so I can’t help with that; you might have to make a new post to get help there. I don’t have ASUS devices anymore, so I might be more of a hinderance than a help, but I can ask the right questions to point you in the right direction.
Canada System: How does your ASUS RT AX 86U connect to the internet? Is it directly from a wall connection or via an ISP modem (like a Rogers Wi-Fi hub)? You need to be very clear because the issue may be something that needs to be set up before your ASUS router to allow proper connectivity.
VPN Server Type: OpenVPN is a solid choice, but I suggest switching to WireGuard. I’ve changed from OpenVPN to WireGuard, and the difference in performance is incredible. With OpenVPN, I’d get 15Mbps, but with WireGuard, I get 70Mbps. Since you’ll be connecting from Canada to India, speed and latency will be important. But let’s get it running on OpenVPN first before we switch to WireGuard.
Public IP/DNS Name - Another critical question: is your Canada IP static or dynamic? If you’re unsure, let’s assume it’s dynamic. This is important because we need to know where to connect from India and what the server’s IP address (WAN) is. Otherwise, you won’t be able to connect. It’s like trying to call your friend’s mobile phone in Canada without their number. IIRC, ASUS supports DuckDNS, which is a free service. Basically, the VPN server will notify DuckDNS of its IP. DuckDNS will assign that to a domain name of your choice when you sign up. This way, you won’t have to worry about the server’s IP; you can just use the DuckDNS name and it will always give you the right IP. Your client will connect to the server using this.
My Canada System: My ASUS RT AX 86U connects to the internet via an ISP modem (Bell router). I checked and the internet works well on the ASUS. Not sure if there’s anything else I need to enable.
VPN Server Type: You’re very right; I’m planning to switch to WireGuard once I get OpenVPN up and running.
Public IP/DNS Name: I think this is where I’m going wrong. I believe mine is dynamic IP, so I followed the ASUS instructions to set up a DNS. I’ve activated DDNS using ASUS.com, and it shows that my hostname is registered and active. Still, there are many settings I might be missing, and a little help would be great.
@Elliot
Internet connection: your ASUS connects to the Bell router. This could be an issue. We need to confirm if the Bell router is in modem mode. If not, while you’ll see internet on the ASUS router, because it’s behind the Bell router, it’s that router managing your firewall and connections.
What this means is that when you connect to your Canadian IP, the Bell router sees the connection, checks its firewall settings, and sees it’s not allowed, so it blocks it.
Three options:
Set the router to modem mode. That way, the Bell router will only connect to your ASUS router and forward all traffic to it.
Place the ASUS behind a DMZ (configured on the Bell router).
Enable port forwarding for that VPN connection on the Bell router.
If you go with options 2 or 3, ensure you configure the Bell router to assign a local IP to the ASUS router.
DNS: Okay, I understand your confusion. DNS isn’t a domain name; it’s what your router uses to look up domain names.
DNS acts like a phone book where you look for company names to find their phone number. Keep DNS set either with your ISP or use 1.1.1.1 (Cloudflare’s DNS). Don’t change this setting; otherwise, you’ll break your connection to Canada.
This isn’t what we care about here; we want to add an entry to the phonebook by assigning a domain name to your home IP. When your Indian router looks up the DNS record, it should resolve with your Canadian IP.
We want DDNS for that. If you have a hostname, try using CMD to ping it from your Indian PC and check if it resolves to your Canadian IP. If it doesn’t, I still recommend using DuckDNS for your DDNS service.