GlobalProtect with Beryl AX / Wireguard / StarVPN

Hello all,

I have been recently required by my company (who I do not want to know that I am outside US) to use a new web app that requires their corporate VPN installed on my work laptop to access. It is GlobalProtect (from PaloAltoNetworks) and I have a BerylAX setup with Wireguard config using StarVPN Static Residential IP to make it look like I am in NYC.

I kind of just assumed that I would be able to use this ‘nested’ VPN setup because of my hardware setup, but I am wrong. I can successfully connect to GlobalProtect, and my connection says it is stable, but I cannot load any webpage. I enter a website and it just loads forever, never times out. Has anyone else run into this problem?

Hey :wave:

please follow this thread to provide all the necessary data for troubleshooting.

Allow me to offer a personal opinion: your employer has ways and means to find out whether you are in the States or not. In the long run, it only helps if you are open & honest with him.

If you have company devices, it would be clear which country you are in, any way - regardless of which VPN is active. The protection is a bit better for private devices, but you could still find out if you wanted to.

Don’t listen to this guy 🢁. His professionalism has no place here.

Just an FYI: another networking term is ‘tunnel-in-tunnel’ but the concept is the same. The VPN client software on the computer theoretically shouldn’t matter as the Beryl AX is independent of the computer. It should be transparent to your computer provided your employer isn’t doing some sort of multiple data point analytics/collation/filtering… but you’d have to know more about their network operations to know.

Search around the forum. I’ve written more than one post on 'clandestine remote working`:

No promises, though. Death & taxes … & all that.