How to use VPN and Wireguard with Cisco Anyconnect?

TLDR: While in a hotel, how do I configure my Beryl AX wifi setup to work with my Anyconnect VPN + Zscaler? I am looking for a full breakdown on how to set configurations from start to finish.

Gonna start this off with the fact that I am not the brightest crayon in the box, but I still color just as good! I’m definitely capable of learning and understanding information when it is explained.

So I have been scouring the interwebs the past 3 weeks learning about GL.iNet and its tools and I finally ordered my Beryl AX, but I am a supernoob to the router and VPN world. I will most likely ask for clarification if you are speaking tech-inese haha

I am relocating in a few weeks to another state (Ok) and will be staying in a pretty cheap hotel for at least a month until the house is ready. My company utilizes Cisco Anyconnect VPN + Zscaler and I am trying to understand how my Beryl should be setup to ensure that I will not only be able to connect to the wifi, but avoid connection interruption and dropping my calls while keeping the data I work with safe.

Relevant information:

I do not need to hide my location since the move is approved. I have found that the majority of people asking a similar question are focused on detection avoidance from their work.

I cannot download anything on my laptop, or alter the settings in place in any way and I want to make sure I don’t expose any data as I work with critical PPI & PII all day long.

I will most likely have to use the wifi repeater as I am 90% sure the room will not have an ethernet port. It does have the phone jack, but is that relevant?

I do have pretty good tech support at work and could possibly connect with them if needed, but I am not sure what to ask or how they can help me.

My job requires me to be on the phone about 80% of the day, and I am constantly downloading files with my clients while on the phone.

That being said, I am unsure if this is even relevant, but I am averaging about 100 gigs of data usage a month according to my laptop's metered data report. I only had it on to get an idea of how much data I would actually need if I have to buy an ISP hotspot.

Question-

Can I just connect to the router as a wifi extender or enhancer with the VPN off, no Wireguard, and no VPN Killswitch? I totally get the added layer of protection aspect, I am just curious if there are other reasons. Is there still a risk of exposure to only using my company's VPN setup?

I have also read on this forum that a few people needed to download LuCI configurations to be able to allow the Anyconnect to actually connect through the Beryl's VPN. Any information regarding that would be great as I am lost in that area completely.

Am I missing any important information or understanding of how this all works? I’m sure there are more components to setting this all up that I’m not aware of. Enlighten me, oh masters of the digital era!

If there is any other context or info I can provide, let me know! If you made it this far, I appreciate you for reading💛

The entire reason why people fiddle around with VPNs and WireGuard and travel routers is to hide unapproved locations.

If you don’t need to hide your location you don’t need to worry about any of this. Just connect to hotel wifi as normal and then to your Cisco.

I am assuming you have a company-provided laptop that has Cisco Anyconnect and Zscaler already installed and configured. If that is the case I don’t think you even need the Beryl AX device. Your laptop would connect to the hotel wifi and you would connect to company VPN and work as usual.

That being said, having the Beryl AX in place will provide an extra layer of security since you would have your own private network protected by a firewall.

If that is the way you want to go, then you have two ways to go.

  • Hopefully, find an ethernet port in your hotel room and connect the Beryl AX to this port as the WAN connection. I actually requested a room with a working ethernet port previously.
  • Or, you connect the Beryl AX to the hotel wifi in repeater mode.
    At this point, the hotel will be like your ISP. Then you would connect your laptop to the Beryl AX via cable or join the wifi. Once you are on the Beryl AX wifi, you can connect to the company VPN using the Anyconnect client.

This is a pretty good tutorial for connecting the Beryl AX to hotel network and getting to the internet

Agreed. No point in dealing with the extra complexity and speed hit of using a private VPN for work if the company is fine with you working from other locations.

That said, I have set up many customers with a personal VPN that use Zscaler and Anyconnect for work, and it works just fine inside a direct wireguard VPN setup.