There are a few ways even a small company can identify using a VPN to hide locations. One specifically is looking at latency between your device and the server. Say someone is complaining that the server is slow. The server team of course blames the network. The network guys start looking, and see that all the remote users are showing 1 or 2 ms of latency. Except you. Yours is 15ms. Now they need to figure out why so they can tell the server teams it isn't the network. That was without even trying to find you. If as you mention in your post HR asks IT to look then they can focus on you and done.
Also you need to be 100% sure in your config for the IPSec tunnel. What happens if the tunnel goes down for some reason? Does your traffic fail to a local out? Then it becomes trivial to see it. You show up from a local IP, then in seconds you traveled to a different IP in a city hundreds of miles away. My wife had this happen. Her IT noticed she was logged in at home, and then 2 minutes later logged in from LA which is a 4 hour drive away. They flagged her account for suspicious activity almost immediately. It was nothing malicious it was just we had a outage of our local ISP, and we failed over to a backup ISP that is from LA.
-Otanx
Also you need to be 100% sure in your config for the IPSec tunnel. What happens if the tunnel goes down for some reason? Does your traffic fail to a local out? Then it becomes trivial to see it. You show up from a local IP, then in seconds you traveled to a different IP in a city hundreds of miles away. My wife had this happen. Her IT noticed she was logged in at home, and then 2 minutes later logged in from LA which is a 4 hour drive away. They flagged her account for suspicious activity almost immediately. It was nothing malicious it was just we had a outage of our local ISP, and we failed over to a backup ISP that is from LA.
-Otanx