Server Router with Wiregurad and a Client Router with Wireguard as well
2 laptops a personal one and a corporate one
My home IP address is: 145.190.152.287
On my client's laptop, I see this as the same IP as my home IP address, but I don't on my corporate computer. I see 170.123.476.98. My corporate laptop comes with a VPN.
Is my corporate laptop behind the scenes having my home IP address thanks to my Wireguard VPN, and then the corporate VPN re-routes everything to their server so the IP changes? Even if I connect to my wifi directly without the my router client at home I don't see my Home IP address.
Thanks for your response. To clarify, I tested the Router Client with my corporate laptop and that's when I noticed my IP wasn't the one as my home IP.
I'm not very familiar with what you are mentioning about the tracert. So bare with me trying to understand what you are saying
I ran https://traceroute-online.com/ tool on my personal computer and my corporate computer. It's important to mention that my Router server is in NYC and I'm currently there.
What I saw in the map that generates is the following:
Personal computer:
Georgia <->NY (this is where my router server is located)
Corporate laptop
Georgia <-> Washington (looks like this is where the VPN server from the coorporate is) <-> NY ( (this is where my router server is located)
If I use this tool: https://www.iplocation.net/ and I put the IP from my personal computer or the corporate laptop shows NYC.
You've got a laptop from your company, without administrator rights.
If I read all correct, there is a VPN installed.
If you are at home in your Internet, you will get an IP A.
If you are going with your corporate Laptop online you will go through A to C and that is what is shown. Because your company is managing your device, and most likely all traffic is routed trough their proxy/VPN/whatever.
Now you go away, than you will have IP B. Your company Laptop will still show the IP C of your company, because all traffic is routed through their proxy/VPN/whatever.
But you've got a GL.iNet router. So you will set it up, start your VPN, and your device is not going trough B to A and A is shown. Great.
Your Company laptop is most likely go over the GL.iNet router from B to A and still to C. Because the Company is routing all traffic trough their proxy/VPN/whatever.
As I don't believe you have administrator rights or permission, there would be no way to turn off the companies VPN. And I don't believe you have the permission to bypass these settings.
All you can do is compare the endpoint in the first setup, the second setup and the third setup.
Do we expect any further insights from this?
Do you think it's better to test this while I'm on my personal computer and the corporate computer while I'm in a different city or wifi that is not my house?
You understood me exactly. I don't have admin privileges to turn the VPN off What I'm a little bit confused now is when you said:
All you can do is compare the endpoint in the first setup, the second setup, and the third setup.
What do you mean by endpoint and what should be the expected result?
To be honest, I don't care if the final IP https://www.whatsmyip.org/ is different from my home IP while I'm on the work computer (assuming I'm using my GL.iNet server and client router) as long as I know the location that is showing for the corporate computer is my home one. So If it shows C but the underlayer is A I find with that as long as it doesn't show other locations, let say if I'm in Italy.
And when your company wants the endpoint in Italy, than it would be shown. No matter what you want.
If you want to know the endpoint the work computer is seeing, ask your IT department.
There is no magic, conspiracy, issue. This is how it works.
You want to show you at another location, so you are using the GL.iNet VPN to hide your location. Your company should not bypass this.
Your company does exactly the same...
I guess my questions were how all this was working behind the scenes and if I was safe to hide my IP behind the GL.iNet. Based on what you are saying, I can't truly hide your location if the laptop has a corporate VPN. They can always bypass my VPN. Unfortunately, I can't ask the IT department what endpoint they are seeing; that would be a red flag for them, haha.
Then your laptop still goes through the vpn from the router, however you will see the ip of the corp vpn.
On the side of the corpo they see the endpoint of the vpn server at your home that is where the router connects to, only make sure to use the dns from the router and the router follows the dns of the vpn to your home i.e the virtual gateway ip of the tunnel
Let's say based on what you are understanding.
Again, you are building a tunnel, and everything works. You can work remotely and no-one knows you are outside your home. Great, mission accomplished. Full stop.
Your company is doing the same and hide all the outside layers from the user... On purpose.
The issue is you don't trust your setup and can't make it simple visible. On a device you don't own.
Of course you could go to your GL.iNet router, see the IP assigned to your corporate laptop, and follow/analyse the tunnel with traceroute, wireshark, ... It is possible. But more advanced than opening a website.
Or: you ask your corporate IT guys how their setup works. They do see everything, if they are good at their job.
If you can't do this, I assume you are bypassing some corporate limits and I don't want to support this.
Thanks so much! I have been reading a lot about traceroute and DNS leaks. Super interesting subject and how things work. I appreciate you sharing your knowledge
GL.iNet router, see the IP assigned to your corporate laptop, and follow/analyse the tunnel with traceroute, wireshark, ... It is possible. But more advanced than opening a website.
Then IP assigned should be one from my home IP since I'm using GL.iNet even if I'm in Italy then, right?
You are right I just emailed the IT department. I saw their VPN allows me to change to different predefined countries and states within the USA. Very interesting subject to learn about DNS leaks, kill switches, and traceroute.