2

VirtualBox becomes unavailable for incoming connections from the host OS when the VPN is on. Accordingly, I cannot use http/ssh/rdp clients to access the guest OS from the host OS while Pulse Secure VPN stays connected.

Host OS: OSX High Sierra. My understanding is that a VPN client should not preempt routes in private IPv4 address space. Any workarounds to resolve this?

2

1 Answer

2

I ended up creating a script to launch my virtual machine. The limitation is that you have to launch the VM when the VPN is off because Pulse Secure blocks creation of the required routes.

I made this script a docked command for convenience:

#!/bin/bash

# Prerequisite: run visudo as root and add: your_username ALL = (ALL) NOPASSWD:ALL

# Find the VM name with: vboxmanage list vms

guestip="192.168.86.3"
guestmac="8:0:27:22:4c:27"
vmname="WIN_ENT_10_64B"

# if the VM is running, leave it alone in peace:
vboxmanage showvminfo "$vmname" | grep "running (since"
[ "$?" -eq "0" ] && exit

# hide terminal window:
osascript -e 'tell application "Finder" to set visible of process "Terminal" to false'

# shutdown vbox network:
while [ -n "$(netstat -rnf inet | grep -F "$guestip")" ]; do
  sudo ifconfig vboxnet0 down
  sleep 1
done

# start VM and wait:
vboxmanage startvm "$vmname" --type separate
while [ -z "$(netstat -rnf inet | grep -F "$guestip")" ]; do
  sleep 1
done

# delete original route:
sudo route -n delete "${guestip%.*}.0"

# create a network singularity in routing table:
sudo route -n add "$guestip/32" -interface vboxnet0

# create the host on the network:
sudo arp -s "$guestip" "$guestmac"

osascript -e 'tell application "Terminal" to quit' &

The script assumes that you can use sudo without a password.

guestip is manually configured in guest OS on the "host only interface" (normally #2). When you create a "host only network adapter" in VirtualBox, it has DHCP enabled by default. I disable DHCP and assign a static IP in the guest OS manually for consistency reasons (here - 192.168.86.3, netmask 255.255.255.0 or CIDR /24, DNS left blank).

guestmac is the MAC address of the network interface in the guest OS that has the IP 192.168.86.3. Do not confuse it with the MAC address of the "host only network adapter" in the VirtualBox configuration. The latter is configured with 192.168.86.1/24 in our case (MAC a:0:27:0:0:0 below).

After the script completes (the Terminal app disappears from the dock), the output of netstat -rnf inet should include entries similar to these:

192.168.86.3       8:0:27:22:4c:27    UHLS            3     4884 vboxnet
192.168.86.3/32    a:0:27:0:0:0       ULSc            0        0 vboxnet

These entries will persist across VPN connects/disconnects and let you access your VM locally regardless of the VPN state.

1
  • Great, thanks! The tldr version with guest IP 192.168.56.101 and guest MAC 1:2:3:4:5:6 is: (1) start VM (2) remove generated routes sudo route -n delete 192.168.56.0 (3) Add single-IP network to use vboxnet0 interface: sudo route -n add 192.168.56.101/32 -iface vboxnet0 (4) Connect IP <-> MAC: sudo arp -s 192.168.56.101 1:2:3:4:5:6 (5) open VPN Commented May 10, 2018 at 12:59
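A check for the end state the answer describes, as an added example that is not part of the original answer or comment: it parses `netstat -rnf inet` text and confirms that the /32 route and the static host entry with the expected MAC both sit on a vboxnet interface. The function name, exit codes and sample tables are constructed for illustration, and the column layout assumed is the macOS one shown in the answer.

```shell
#!/bin/bash
# check_guest_route <guest_ip> <guest_mac> <iface_prefix>; table text on stdin.
# Exit status: 0 = both pinned entries present as expected,
#              1 = the /32 route is missing,
#              2 = host entry missing, not static (no S flag), or wrong MAC,
#              3 = an entry for the guest sits on a different interface.
check_guest_route() {
  awk -v ip="$1" -v mac="$2" -v ifp="$3" '
    # macOS prints MAC octets without leading zeros (08:00:27 -> 8:0:27)
    function norm(m,    a, n, i, out) {
      n = split(tolower(m), a, ":")
      out = ""
      for (i = 1; i <= n; i++) {
        if (length(a[i]) == 2 && substr(a[i], 1, 1) == "0") a[i] = substr(a[i], 2)
        out = out (i > 1 ? ":" : "") a[i]
      }
      return out
    }
    ($1 == ip || $1 == (ip "/32")) && index($6, ifp) != 1 { wrong_if = 1 }
    $1 == (ip "/32") { route = 1 }
    $1 == ip && index($3, "S") && norm($2) == norm(mac) { host = 1 }
    END {
      if (wrong_if) exit 3
      if (!route) exit 1
      if (!host) exit 2
    }'
}

# Constructed sample tables, modelled on the two entries shown in the answer.
good_table='Destination        Gateway            Flags   Refs   Use   Netif
192.168.86.3       8:0:27:22:4c:27    UHLS       3  4884 vboxnet
192.168.86.3/32    a:0:27:0:0:0       ULSc       0     0 vboxnet'
wrong_mac_table='192.168.86.3       8:0:27:aa:bb:cc    UHLS       3  4884 vboxnet
192.168.86.3/32    a:0:27:0:0:0       ULSc       0     0 vboxnet'
wrong_if_table='192.168.86.3/32    link#17            UCS        0     0   utun2'
no_route_table='192.168.86         link#12            UC         2     0 vboxnet'

for t in "$good_table" "$wrong_mac_table" "$wrong_if_table" "$no_route_table"; do
  rc=0
  printf '%s\n' "$t" | check_guest_route 192.168.86.3 08:00:27:22:4c:27 vboxnet || rc=$?
  echo "check_guest_route -> $rc"
done
```

On the host, pipe the live table into it: `netstat -rnf inet | check_guest_route 192.168.86.3 08:00:27:22:4c:27 vboxnet`, once with the VPN disconnected and once with it connected.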
