4

I have a VirtualBox machine running on my Mac and I can connect to it without problems, for example using SSH:

$ ssh [email protected]
user-centos-6:~ user $

As soon as I connect to a VPN from the Mac, though, the SSH connection is closed and I cannot reach the VM anymore:

$ ssh [email protected]
ssh: connect to host 192.168.12.101 port 22: Permission denied
$ ping 192.168.12.101
PING 192.168.12.101 (192.168.12.101): 56 data bytes
ping: sendto: Permission denied
ping: sendto: Permission denied
Request timeout for icmp_seq 0

Given I'm a network newbie, how can I debug the situation?

UPDATE 1:

Output from netstat -nr before enabling the VPN:

default            192.168.1.1        UGSc          273        0     en0
...
192.168.1.1        XXX                UHLWIir       274     3247     en0   1197
192.168.1.255      ff:ff:ff:ff:ff:ff  UHLWbI          0       18     en0
192.168.12         link#7             UC              2        0 vboxnet
192.168.12.101     YYY                UHLWIi          0     2116 vboxnet   1054
192.168.12.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       18 vboxnet

The above is essentially the same after enabling the VPN.

The VM has two network adapters:

  • NAT
  • Host-only adapter (vboxnet0)
Improve this question
1
  • I had the same issue using Cisco VPN client but on Windows. Finally I got it solved by configuring the Oracle VM VirtualBox network adapter as Bridged
    – Elias
    Commented Feb 3, 2021 at 13:29

2 Answers 2

Reset to default
4

Your VPN is probably changing your network routes and/or default gateway. Check the output of netstat -nr and look for the default route when you're connected/disconnected to the VPN. You may be able to get around this by using a private network between your VM and host machine. If the VM is using a bridged adapter, changes to network configuration could well prevent access.

Improve this answer
1
  • Can you give more details about how to do this?
    – Adi Shavit
    Commented Mar 29, 2016 at 12:33
2

What is, in all probability, happening, is that you VPN uses all of the RFC-1918 addresses and maps them to your VPNed network.

This means that, even though you still have the IP address allocated, all networks are now statically routed to the network on the other side.

So far the only solution I have found to work predictably and stably is to get your local DHCP server to allocate addresses to the VM that is not in your VPNed network (I use 223.x.x.x, since that range has been given to ARIN to allocate and I doubt I will ever try to access a site in that range; if I do, I'll just manage that) so that the NAT between your VPN and your VM will still be active.

Most VM hypervisors will allow you to allocate other address ranges to the VMs, so you should be able to figure out how to do it.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .