Using VPN's: Host and VM

This is for discussing general topics about how to use VirtualBox.
Post Reply
BillyS
Posts: 2
Joined: 18. Oct 2022, 14:28

Using VPN's: Host and VM

Post by BillyS »

I have a VPN service (Norton) running on my host computer, set to be permanently on. I have also been running a VPN on my VM's (selectively), but after an experience today I think I am actually double-doing it. My guess is it is a "duh" moment, but can anyone clarify how VPN's on/off from host/VM play together?
Does 2 VPN's running make sense? Does one override the other? Might have a slow-down in connectivity speed on the VM since going through 2. Would love to hear folks experience, thoughts and any "it works this way" kind of feedback.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Using VPN's: Host and VM

Post by scottgus1 »

I think this may have to do with how the VM's network is connected. See Virtualbox Networks: In Pictures

The available Virtualbox network types that can get internet into a VM are Bridged, NAT, and NAT Network. NAT and NAT Network are fairly close brothers, they behave in the same way.

Bridged puts the VM out on the LAN separately from the host's network stack. This should make the VM have its own channel to the internet for a separate VPN to control, apart from any VPN working on the host. (Note that VPNs tend to rule with an iron hand, and the host VPN may be able to force control over even Bridged VMs. YMMV on this one.)

NAT & NAT Network go through the host's network stack, so it is quite likely that a host VPN will take control of the VM's traffic too, forcing the VM to only communicate through the VPN, or causing the VM to fail to authenticate with the VPN, depending on how the VPN is programmed to handle multiple OS's behind its portal.

So if you are on Bridged, and your VM can get to the full internet while the host is VPN'd, then the VM needs its own VPN connection to reach your host VPN's server.

If you cannot get full internet in the Bridged VM while the host VPN is connected, then the host VPN has full control even of the Bridged VM. I would expect a NAT or NAT Network VM to also be fully controlled by the host VPN.

(One thing to note, this is all theoretical: I have not run a VPN on my Virtualbox host to test this, and different VPNs may have different behaviors.)
BillyS
Posts: 2
Joined: 18. Oct 2022, 14:28

Re: Using VPN's: Host and VM

Post by BillyS »

Thanks for that detailed response, I have a lot to digest and some things to check now, so much appreciated.

One interesting point is that between writing the original post and now I have changed VPN providers, so will need to re-validate my original statements, although would think (but will see) that experience should be roughly the same. Small nuance, though, is that my new VPN (Norton) has some restrictions my prior (NordVPN) did not, so homework to do.
Post Reply