That's what I thought, that it would be IP over traffic that flagged it up.And how would they know the original MAC of the machine, if they didn't know the IP address?
Eek!
And thinking about it, I use a VPN on my phone all of the time I'm on the work network, and there has been no trouble so far.[/QUOTE]
If they have the MAC registered of your hardware (assuming it is a university machine) then they would spot that it is not running the required OS. This should raise a flag - as in someone has messed with our machine. The IP address of your machine is somewhat irrelevant assuming you are using the University DHCP address to get an IP. If you have manually set your own IP then you could cause a conflict.
The VPN on your phone is also slightly irrelevant - they will recognise that it is a phone and also that it is not their hardware.
Of course all this assumes that they care and look. I would image most of them are running around clearing paper jams in printers, download porn and wondering who has been shoving drawing pins in their network cables.
Personally - I would not be using work equipment like this, but the chances of being caught are pretty slim.