Setting up networking on Virtualbox Guest to access Host VPN

6

1

I'm trying to get this setup going but am having quite a bit of trouble.

  • Host OS: Windows 8 64bit
  • Guest OS: CentOS 6.5 64bit

I'm using the Cisco VPN Client on my host to connect to a number of remote servers that I'd like to access from the Guest OS.

Currently I have the following adapters on my Host:

  • Intel Ethernet Connection I217-LM - Connection on Host (domain access/internet)
  • VirtualBox Host-Only Ethernet Adapter - VirtualBox
  • Cisco Systems VPN Adapter 64-bit Windows - Used by the VPN

My problem is when I set up the bridge in VirtualBox between the Cisco VPN and VirtualBox adapters, I can't seem to be able to ping the remote servers over the VPN.

The intended setup for me is being able to access Internet & the remote servers from the Guest OS without losing access to them on the Host OS.

nixgadget

Posted 2014-03-10T04:17:25.590

Reputation: 215

Not sure why this question was marked down. – nixgadget – 2014-03-10T22:14:18.860

I didn't downvote, but those that did likely did so due to the fact that this is much more of a user question than a sysadmin question. It probably would have been better received over at Superuser. – EEAA – 2014-03-10T22:41:03.080

I have seen a number of other VirtualBox questions here around networking that related more to user than administration. – nixgadget – 2014-03-10T22:45:48.923

Well, those likely should be closed or migrated as well. VirtualBox is a desktop virtualization solution, not a proper server virtualization solution. – EEAA – 2014-03-10T22:46:39.920

Answers

4

To get the traffic going through the VPN I just set up an adapter as a "NAT".

nixgadget

Posted 2014-03-10T04:17:25.590

Reputation: 215

0

To solve this you need to add 2 NICs to the vbox guest: one NAT that will be transparently using the VPN on the host and one bridged that will bypass the VPN and get an IP from your LAN. Then, you need to run your own name server with forwarding for the domains accessible over VPN. Also, you need to define static routes for all subnets that are supposed to be routed via the VPN. Make sure to add some entries for the name servers of the VPN.

For example your named.conf has:

options {
    directory "/var/cache/bind";
    auth-nxdomain no;
    version "not specified";
    listen-on { any; };
    listen-on-v6 { any; };

    forward only;

    forwarders {
        [IP of lan gateway];
    };
};

(The lan gateway usually doubles as a local DNS)

Then in your named.conf.custom-zones you have:

zone "vpndomain.com" IN {
    type forward;
    forward only;
    forwarders {
        [IP of nameserver of VPN];
    };
};

Then you also need to define a bunch of static routes to make all destinations on the VPN go via the NAT IP, for example:

/sbin/ip route del default via 10.0.3.2

/sbin/ip route add default via [Ip of LAN gateway]

/sbin/route add -net x.y.0.0  netmask 255.255.0.0 gw 10.0.3.2 dev enp0s8
/sbin/route add -net a.b.0.0  netmask 255.255.0.0 gw 10.0.3.2 dev enp0s8

/sbin/route add -host [IP of nameserver in VPN] gw 10.0.3.2 dev enp0s8

(in this example enp0s8 is the NIC of the NAT, check ipconfig)

hnapel

Posted 2014-03-10T04:17:25.590

Reputation: 1
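
A way to check the split routing described in the answer above, as an added example that is not part of hnapel's answer: it applies longest-prefix matching to a routing table and reports any VPN-only address that would leave through the bridged NIC instead of the NAT NIC. The gateway 10.0.3.2 and NIC enp0s8 come from the answer; enp0s3, 192.168.1.1, the two /16 subnets and 172.16.5.53 are assumed stand-ins for the answer's bracketed placeholders.

```python
import ipaddress

# Constructed `ip route show` output for the guest after the answer's commands.
# 10.0.3.2 and enp0s8 are from the answer; enp0s3, 192.168.1.1, the two /16s
# and 172.16.5.53 are assumed stand-ins for its bracketed placeholders.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev enp0s3
10.0.3.0/24 dev enp0s8 proto kernel scope link src 10.0.3.15
192.168.1.0/24 dev enp0s3 proto kernel scope link src 192.168.1.50
10.20.0.0/16 via 10.0.3.2 dev enp0s8
10.30.0.0/16 via 10.0.3.2 dev enp0s8
172.16.5.53 via 10.0.3.2 dev enp0s8
"""

# Constructed addresses that must only ever be reached through the VPN.
VPN_TARGETS = ["10.20.4.9", "10.30.200.1", "172.16.5.53"]


def parse_routes(text):
    """Return [(network, device)] from `ip route show` style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        dev = fields[fields.index("dev") + 1]
        # A bare address (host route) parses as a /32 network.
        routes.append((ipaddress.ip_network(dest, strict=False), dev))
    return routes


def egress_dev(routes, addr):
    """Pick the most specific matching route (route metrics are ignored)."""
    ip = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, dev) for net, dev in routes if ip in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None


def find_leaks(routes, vpn_targets, vpn_dev="enp0s8"):
    """Return VPN-only addresses that would leave through another NIC."""
    return [t for t in vpn_targets if egress_dev(routes, t) != vpn_dev]


if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTES)
    print("leaks:", find_leaks(table, VPN_TARGETS))
```

Feeding it the guest's real `ip route show` output shows whether a VPN nameserver outside the routed subnets still needs its own host route; without one, queries for the VPN zone follow the default route onto the LAN.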