Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4914
Views
0
Helpful
3
Replies

Sharing VPN connection between VM and Host

EDHSDHEDH
Level 1
Level 1

‎08-10-2009 09:03 AM - edited ‎02-21-2020 03:37 AM

Hello,

I've got the following setup:

WinXP laptop (host) with CISCO VPN client installed

MS Virtual PC 2007 Guest VM (WinXP).

When working from home I want to get the following to work:

Start laptop (with host WinXP).

Start Cisco VPN Client on host and authenticate.

Start WinXP Virtual Machine.

From host, browse company internal and public sites.

From host, access company internal servers, such as version control management servers (CVS, SVN, ...).

From guest VM, browse company internal and public sites.

From guest VM, access company internal servers, such as version control management servers (CVS, SVN, ...).

I want to do the above with only the host vpn connection activated.

That is, I want the VM to share the host vpn connection.

I've spent hours on this, but I can't get it to work.

Any help is welcome.

Kind regards,

EDH

0 Helpful
3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

‎08-10-2009 12:44 PM

Hi Edwin,

I think I understand what are you trying to do, if not PLS correct me.

What you are trying partially is not possible using single RA VPN client connection. A VM is consider a unique entity PC with unique private IP address therefore that VM machine will also require cisco VPN client and connect to vpn server just as the host WinXp laptop .

From the regular host WinXP labtop with cisco vpn client sure you shoudl be able once connected browse internal networks, as well as have internet access provided the vpn server allows hairpining for VPN address pool network.

The only way I can think of this can be possible is through L2L Ipsec vpn , then yes you can have as many VMs running off a host and be part of that single vpn tunnel policy.

B.Regards

Jorge Rodriguez
0 Helpful

EDHSDHEDH
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎08-10-2009 11:25 PM

Hi,

The following setup indeed works perfectly:

Install Cisco VPN client in VPC.

Install Cisco VPN client on host.

Start vpn client in VPC and connect to internal and external netwerks from VPC.

Stop vpn client in VPC.

Start vpn client on host and connect to internal and external netwerks from host.

The annoying thing is that I have to switch regularly between VPC and host and therefore have to stop/start the vpn clients on a regular basis ... a waste of precious time.

The funny thing is that for a period of 1 day I got the setup (only vpn client on host and connecting from within VPC to internal and external networks) working ?

I worked at the office (no vpn).

I then went home and plugged in my laptop.

I installed MS loopback adapter on the host.

I changed the settings on my VPC VM:

choose 2 instead of 1 adapter.

set adapter 1 to shared network (NAT).

set adapter 2 to ms loopback adapter.

Started vpn on host.

Started vm.

Changed ipconfig of adapter 2: gave it a static ip adres 192.168.0.10 with default gateway the ip (192.168.0.1) of the ms loopback adapter on the host.

Tried accessing internal and external sites and servers from VPC ... and it worked !!!

I must say I don't exactly remember when I started VPN client on the host.

So during that whole day I worked from within my VPC and from within my host, without touching VPN (running on the host).

Then I shutdown my pc.

Somewhere during the weekend I powered up again and thought to give it a try again ... unfortunately things stopped working without changing anything on my vpc or host.

Does the above make sense ?

Regarding L2L ipsec vpn. What do I have to do to enable this in the VPC, on the host ? Does it also impact the vpn server (which I don't have any control over) ?

Best regards,

Edwin

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to EDHSDHEDH

‎08-11-2009 08:16 AM

Edwin, makes sence , and thanks for posting the process, to be honest I have not ran into this particular scenario from my vpn clients and to properly comment I would have to simulate what you are doing .. perhaps other netpros could comment on this one.

As for L2L vpn is simply creating a permanent tunnel from your internet router or firewall to vpn server, L2L does not requires cisco vpn cleint but your end and other end able to support Ipsec standard to creating a permanent tunnel, but from what you have indicated it seems you had it working properly.. I would probably start looking at both the host and VPC event viewer and see the system and application logs, perhaps logs could give some clues on what could be the cause of the problem..

regards

Jorge Rodriguez
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card