Bypass Deep Packet Inspection

I have an issue with my network where I’m limited to 7 MAC addresses (each MAC address is assigned a static IP address). I tried just using a cheap Tplink Router/WiFi AP to set up a small network so I could have more VMs. However if the network detects a router is being used, it blocks Internet to the IP address until it detects it is no longer be using as a router.

Changing the MAC address had no affect nor did changing the host name so I suspected the packets are being inspected for NAT. I purchased a PC Engine APU2C2 to use as a router to run pfsense on and use a vpn so the packets cannot be inspected. However I wanted to see if anyone here had any ideas as using a halves my band with bandwidth (30-40Mbps on a connection of up to 100Mbps) and make my ping quite high.

I currently use PIA as my vpn provider if that helps.

would creating vlan possibly work around this ? maybe with a smart switch? or just sticking a domain controller, i mean dns server on the vlan ?

@MaroonLance it seems to me you should be able to have more than 7 MAC address on your network. What do you think @NetBandit?

What would probably work is to have a single device as a VPN client and have that device act as the internet gateway for your other devices. This way only the VPN client will need internet access, same as if you were using a router except this won’t require NAT (or at least it won’t for the part which connects to the upstream network)

2 Likes

The MAC cache on even the cheapest of switches is 1000 deep. 7 should be no problem.

If you want to go old school, you could set up a proxy server.