Hey guys, thanks for droppin by.
I do have a very peculiar scenario:
MBPro 15" on High Sierra 10.13.3 , running VirtualBox 5.2.4 with a win 8.1 instance.
Both OS's have a company image, meaning some functionality has been restricted, OSX via JAMF software, VirtualBox running regular win 8.1 with some admin restrictions.
The win8.1 virtual instance has a preinstalled VPN client called GlobalProtect, which is working perfectly.
The OSX runs its Mac version, but it doesn't work because of some libraries aren't compatible with High Sierra and this hasn't been addressed by GlobalProtect (kernels)
How could I bridge my virtual instance so the host (osx) could use its VPN? Yep, I want to make my Mac laptop use my virtual win8.1 VPN.
Any help will be very much appreciated.
Cheers and thanks in advance!
S.
How to use Win8.1 virtual instance to share it's vpn to its OSX host.
-
- Posts: 1
- Joined: 14. Feb 2018, 02:43
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: How to use Win8.1 virtual instance to share it's vpn to its OSX host.
I was thinking about that the other day actually; how to use the network in the guest, while not on the host. In Windows, that's a fairly easy thing to do:
Now, that's a potential solution to part 1 of your question; preventing the host accessing the world, but allowing the guest to do so. Part 2 would be to redirect any traffic from the host to the guest and then "somehow" forward that to the other port. I'm thinking of something like the following:
- you choose Bridged mode for the VM
- you bridge the VM NIC to an actual NIC on the Windows host
- you disable all the bindings, *except* the VirtualBox Bridged adapter for that NIC.
- you choose Bridged mode for the VM
- you bridge the VM NIC to an actual NIC on the host
- in the TCP/IP properties of the host's NIC, you give it a manual IP that's not valid. So, if let's say that your LAN is 10.1.2.x based, you give your host a 192.168.99.x address. Can't work.
Now, that's a potential solution to part 1 of your question; preventing the host accessing the world, but allowing the guest to do so. Part 2 would be to redirect any traffic from the host to the guest and then "somehow" forward that to the other port. I'm thinking of something like the following:
[quote] GUEST HOST +----------------+ +--------------+ | 192.168.56.101 |<-<-<-| 192.168.56.1 | | | | | 192.168.99.1 |- - - - Nowhere | 10.1.2.x |->->->| Bridged |>>>>>>>> Internet +----------------+ +--------------+ Black: HostOnly part Blue: Bridged to host's NIC Red: Invalid/non-routable IP of the host's NIC[/quote]Since 1) I'm no network guru, and 2) this affects a much larger range of hosts, I'm going to move the message from the "OSX Hosts" section to "Using VirtualBox".
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
-
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: How to use Win8.1 virtual instance to share it's vpn to its OSX host.
I don't claim to be a network guru either, but AFAIK a VPN connection is designed to be end to end, not shared. If VPN was available on the host then it could be accessible to the guest via NAT. But when VPN is in the guest you'd need a reverse NAT of some kind. I guess that means checking out Internet Connection Sharing... except you have a OS X host which hence probably doesn't support Windows ICS protocol. So, you seem to have set this problem up perfectly so it can't be solved.
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: How to use Win8.1 virtual instance to share it's vpn to its OSX host.
To tell you the truth, I'm more interested in the part where the guest has access via Bridged, but the host itself doesn't, for Linux/OSX hosts. I don't have those steps, the how-to. That's the "getting an 10.1.2.x address in a 10.1.2.0/24 network" part.
The "192.168.56.1 -?-> 192.168.56.101 -?-> 10.1.2.x -> 10.1.2.1 -> Internet part, I haven't 1) thought about it too much, and 2) with such a restrictive host/guest setup, I'm not sure that it's going to (be allowed to) work...
The "192.168.56.1 -?-> 192.168.56.101 -?-> 10.1.2.x -> 10.1.2.1 -> Internet part, I haven't 1) thought about it too much, and 2) with such a restrictive host/guest setup, I'm not sure that it's going to (be allowed to) work...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
-
- Volunteer
- Posts: 1631
- Joined: 25. May 2010, 23:48
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Assorted Linux, Windows Server 2012, DOS, Windows 10, BIOS/UEFI emulation
Re: How to use Win8.1 virtual instance to share it's vpn to its OSX host.
In some versions of Linux (Red Hat variants) you can control IPv4 and IPv6 with:
-Andy.
sudo sysctl -w net.ipv6.conf.eth0.disable_ipv6=1 sudo sysctl -w net.ipv4.conf.eth0.disable_ipv4=1I have no idea whether doing so will also break the bits that VirtualBox needs.
-Andy.
My crystal ball is currently broken. If you want assistance you are going to have to give me all of the necessary information.
Please don't ask me to do your homework for you, I have more than enough of my own things to do.
Please don't ask me to do your homework for you, I have more than enough of my own things to do.
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: How to use Win8.1 virtual instance to share it's vpn to its OSX host.
Couldn't get the nested bridged part to work. That is an OSX 10.11.6 host, running a guest Mint 17.3. That guest acts like a "guest/host" to a WinXP SP3 "guest/guest". And I'm a little bit stuck, because I *do* get an IP in WinXP, but that's it. No pinging except the "guest/host" Mint, not even the gateway. I thought that this was working, but can't get it to work now...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
-
- Posts: 61
- Joined: 7. Nov 2016, 14:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: OSX,LINUX,WINXXX
- Location: Austria
Re: How to use Win8.1 virtual instance to share it's vpn to its OSX host.
Example for a linux vpn guest on a macOS host
(A) Guest network:
(C) Start your VPN software in the guest
(D) Enable routing for the company lan on the host
For a windows guest you have to implement part (B) by activating internet connection sharing on the vpn adapter.
(A) Guest network:
- 1 NAT Adapter (10.0.2.x)
1 Host only Adapter (192.168.56.y)
Code: Select all
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
(D) Enable routing for the company lan on the host
Code: Select all
route add -net x.y.z/mask 192.168.56.y
Last edited by socratis on 18. Feb 2018, 13:44, edited 1 time in total.
Reason: Enclosed the information in [code] tag for better readability
Reason: Enclosed the information in [code] tag for better readability