So, my friend has a fully-remote job, but his employer only allows him to work within the state the company is based in. He is planning to move outside of that state, but isn’t prepared to quit his job yet.
To evade detection from IT, this friend wants to set up some sort of VPN tunnel to leave with a relative within the original state, to route the traffic from his work laptop (which is locked down via JAMF software) through. The family he’s leaving this setup with isn’t tech savvy, and wouldn’t be able to troubleshoot anything beyond powercycling a device or plugging in an ethernet cable.
What would he need to do to set up such a tunnel, ideally with remote access to adjust settings/troubleshoot, and how does he ensure that his work laptop never exposes an out-of-state IP to his employer?
Apologies, mods, if this post falls under Rule 3 for “professional” help.


Tailscale is by far the easiest way. Zerotier works as well.