8

I'm trying to get this setup going but am having quite a bit of trouble.

  • Host OS: Windows 8 64bit
  • Guest OS: CentOS 6.5 64bit

I'm using the Cisco VPN Client on my host to connect to a number of remote servers that I'd like to access from the Guest OS.

Currently I have the following adapters on my Host:

  • Intel Ethernet Connection I217-LM - Connection on Host (domain access/internet)
  • VirtualBox Host-Only Ethernet Adapter - VirtualBox
  • Cisco Systems VPN Adapter 64-bit Windows - Used by the VPN

My problem is that when I set up the bridge in VirtualBox between the Cisco VPN and VirtualBox adapters, I can't seem to be able to ping the remote servers over the VPN.

The intended setup for me is being able to access Internet & the remote servers from the Guest OS without losing access to them on the Host OS.

4
  • 1
    Not sure why this question was marked down.
    – nixgadget
    Commented Mar 10, 2014 at 22:14
  • I didn't downvote, but those that did likely did so due to the fact that this is much more of a user question than a sysadmin question. It probably would have been better received over at Superuser.
    – EEAA
    Commented Mar 10, 2014 at 22:41
  • 1
    I have seen a number of other VirtualBox questions here around networking that related more to users than administration.
    – nixgadget
    Commented Mar 10, 2014 at 22:45
  • Well those likely should be closed or migrated as well. Virtualbox is a desktop virtualization solution, not a proper server virtualization solution.
    – EEAA
    Commented Mar 10, 2014 at 22:46

2 Answers

4

To get the traffic going through the VPN I just set up an adapter as a "NAT".

1

To solve this you need to add 2 NICs to the vbox guest: one NAT that will be transparently using the VPN on the host and one bridged that will bypass the VPN and get an IP from your LAN. Then, you need to run your own name server with forwarding for the domains accessible over VPN. Also, you need to define static routes for all subnets that are supposed to be routed via the VPN. Make sure to add some entries for the name servers of the VPN.

For example your named.conf has:

options {
    directory "/var/cache/bind";
    auth-nxdomain no;
    version "not specified";
    listen-on { any; };
    listen-on-v6 { any; };

    forward only;

    forwarders {
        [IP of lan gateway];
    };
};

(The lan gateway usually doubles as a local DNS)

Then in your named.conf.custom-zones you have:

zone "vpndomain.com" IN {
    type forward;
    forward only;
    forwarders {
        [IP of nameserver of VPN];
    };
};

Then you also need to define a bunch of static routes to make all destinations on the VPN go via the NAT IP, for example:

/sbin/ip route del default via 10.0.3.2

/sbin/ip route add default via [Ip of LAN gateway]

/sbin/route add -net x.y.0.0  netmask 255.255.0.0 gw 10.0.3.2 dev enp0s8
/sbin/route add -net a.b.0.0  netmask 255.255.0.0 gw 10.0.3.2 dev enp0s8

/sbin/route add -host [IP of nameserver in VPN] gw 10.0.3.2 dev enp0s8

(in this example enp0s8 is the NIC of the NAT, check ipconfig)
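
A dry-run sketch of the split-routing plan in the answer above, added here as an example and not part of the original post: it prints the `ip route` commands and reports which next hop each destination would get, so a VPN subnet missing from the list (which would leave via the LAN instead of the VPN) shows up before anything is applied. `10.0.3.2` and `enp0s8` come from the answer; the LAN gateway, `enp0s3`, the subnets and the VPN nameserver address are constructed placeholders, and `ip route replace` stands in for the answer's del/add pair.

```sh
#!/bin/sh
# Added example. 10.0.3.2 and enp0s8 are the answer's NAT gateway and NIC;
# every other value below is a constructed placeholder.
NAT_GW=10.0.3.2;  NAT_DEV=enp0s8
LAN_GW=192.0.2.1; LAN_DEV=enp0s3            # assumed bridged NIC
VPN_NETS="10.20.0.0/16 198.51.100.0/24"     # subnets reachable over the VPN
VPN_DNS=172.16.9.53                         # nameserver inside the VPN

ip2int() (  # dotted quad -> integer, status 1 if malformed
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  IFS=.; set -- $1
  [ $# -eq 4 ] || return 1
  for o do
    case $o in 0?*|????*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
  echo $(( $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 ))
)

in_net() (  # in_net IP CIDR: 0 inside, 1 outside, 2 bad input
  ip=$(ip2int "$1") && net=$(ip2int "${2%/*}") || return 2
  len=${2#*/}
  case $len in ''|*[!0-9]*|0?*|???*) return 2 ;; esac
  [ "$len" -le 32 ] || return 2
  [ $((ip >> (32 - len))) -eq $((net >> (32 - len))) ]
)

next_hop() (  # "gateway device" the plan below gives a destination
  for n in $VPN_NETS "$VPN_DNS/32"; do
    rc=0; in_net "$1" "$n" || rc=$?
    case $rc in
      0) echo "$NAT_GW $NAT_DEV"; return 0 ;;
      2) return 2 ;;
    esac
  done
  echo "$LAN_GW $LAN_DEV"
)

route_plan() {  # print the commands; review, then run them as root
  echo "ip route replace default via $LAN_GW dev $LAN_DEV"
  for n in $VPN_NETS "$VPN_DNS/32"; do
    echo "ip route replace $n via $NAT_GW dev $NAT_DEV"
  done
}

route_plan
for d in 10.20.4.7 "$VPN_DNS" 203.0.113.9; do
  echo "# $d -> $(next_hop "$d")"
done
```

After applying the printed commands in the guest, `ip route get <destination>` shows the kernel's actual choice and should agree with `next_hop`.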
