Hi, I am writing here because after a major update of VirtualBox (I think from 3.1 to 3.2 but not sure), I am interested by a specific VPN connection problem.
This is the situation:
- host: Linux x86_64 (Ubuntu 10)
- guest: Windows XP SP3 32-bit
From Windows XP, I am connecting using Cisco VPN client using a bridged NIC. The connection is successful, but after that I am not able to use the remote lan.
What I can say is that:
1. ping remotehost fails
2. tracert -d remotehost fails as well since the first hop
3. the same Cisco VPN connection on a "real" XP machine, with almost the same configuration (patch level, installed software, ...), works fine (ping remotehost responds, tracert -d works, ...)
4. the same Cisco VPN connection on the same VBox Windows, guest worked fine some months ago
5. I tried to find a solution in different ways without solution:
- changed guest NIC from bridged to nat
- changed guest NIC emulation from Intel pro/1000 to AMD PCNet PCI II & III
- upgraded Cisco VPN software from 4.x to 5.x
It seems something related to Virtual Box. The most similar topic I have read is http://www.virtualbox.org/ticket/4499, but no solution is reported.
I do not know how to solve this issue.
Best regards
-Renato
"Linux Host", "Windows guest": Cisco VPN routing problem
-
- Posts: 8
- Joined: 29. May 2010, 19:32
- Primary OS: Ubuntu other
- VBox Version: OSE other
- Guest OSses: Windows XP
"Linux Host", "Windows guest": Cisco VPN problem detail
Hi, I am providing some details about what I think is a VirtualBox bug.
This is the situation before the Cisco VPN connection is established:
This is the situation after the Cisco VPN connection is successfully established:
Note that the ping command fails, whereas on real XP che ping command succeeds.
Is this the correct place where to find a solution?
Regards
-Renato
This is the situation before the Cisco VPN connection is established:
Code: Select all
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...08 00 27 24 1e 62 ...... Intel(R) PRO/1000 MT Desktop Adapter - SecuRemote Miniport
0x3 ...00 0c 29 71 65 e1 ...... Intel(R) PRO/1000 MT Desktop Adapter #2 - SecuRemote Miniport
0x4 ...54 cc a4 84 17 03 ...... Check Point Virtual Network Adapter For SecureClient - SecuRemote Miniport
0x10006 ...00 ff 68 bd 8c 86 ...... Juniper Network Connect Virtual Adapter - SecuRemote Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.3.2 10.0.3.15 10
0.0.0.0 0.0.0.0 10.28.0.1 10.28.98.71 10
10.0.3.0 255.255.255.0 10.0.3.15 10.0.3.15 10
10.0.3.15 255.255.255.255 127.0.0.1 127.0.0.1 10
10.28.0.0 255.255.0.0 10.28.98.71 10.28.98.71 10
10.28.98.71 255.255.255.255 127.0.0.1 127.0.0.1 10
10.255.255.255 255.255.255.255 10.0.3.15 10.0.3.15 10
10.255.255.255 255.255.255.255 10.28.98.71 10.28.98.71 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.3.15 10.0.3.15 10
224.0.0.0 240.0.0.0 10.28.98.71 10.28.98.71 10
255.255.255.255 255.255.255.255 10.0.3.15 10.0.3.15 1
255.255.255.255 255.255.255.255 10.0.3.15 10006 1
255.255.255.255 255.255.255.255 10.0.3.15 4 1
255.255.255.255 255.255.255.255 10.28.98.71 10.28.98.71 1
Default Gateway: 10.28.0.1
===========================================================================
Persistent Routes:
None
C:\>ipconfig
Windows IP Configuration
Ethernet adapter NAT:
Connection-specific DNS Suffix . : replynet.prv
IP Address. . . . . . . . . . . . : 10.0.3.15
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.3.2
Ethernet adapter bridged:
Connection-specific DNS Suffix . : replynet.prv
IP Address. . . . . . . . . . . . : 10.28.98.71
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.28.0.1
Ethernet adapter {28FB614E-9DDE-482A-B9F9-CB5FEBBCA4DF}:
Media State . . . . . . . . . . . : Media disconnected
Ethernet adapter Network Connect Adapter:
Media State . . . . . . . . . . . : Media disconnected
Code: Select all
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...08 00 27 24 1e 62 ...... Intel(R) PRO/1000 MT Desktop Adapter - SecuRemote Miniport
0x3 ...00 0c 29 71 65 e1 ...... Intel(R) PRO/1000 MT Desktop Adapter #2 - SecuRemote Miniport
0x4 ...54 cc a4 84 17 03 ...... Check Point Virtual Network Adapter For SecureClient - SecuRemote Miniport
0x10006 ...00 ff 68 bd 8c 86 ...... Juniper Network Connect Virtual Adapter - SecuRemote Miniport
0x10007 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - SecuRemote Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 2.250.9.33 2.250.9.33 1
2.250.9.33 255.255.255.255 127.0.0.1 127.0.0.1 10
2.255.255.255 255.255.255.255 2.250.9.33 2.250.9.33 10
10.0.3.0 255.255.255.0 10.0.3.15 10.0.3.15 10
10.0.3.0 255.255.255.0 2.250.9.33 2.250.9.33 10
10.0.3.15 255.255.255.255 127.0.0.1 127.0.0.1 10
10.28.0.0 255.255.0.0 10.28.98.71 10.28.98.71 10
10.28.0.0 255.255.0.0 2.250.9.33 2.250.9.33 10
10.28.0.11 255.255.255.255 10.28.98.71 10.28.98.71 1
10.28.98.71 255.255.255.255 127.0.0.1 127.0.0.1 10
10.255.255.255 255.255.255.255 10.0.3.15 10.0.3.15 10
10.255.255.255 255.255.255.255 10.28.98.71 10.28.98.71 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
165.72.209.14 255.255.255.255 10.28.0.1 10.28.98.71 1
224.0.0.0 240.0.0.0 2.250.9.33 2.250.9.33 10
224.0.0.0 240.0.0.0 10.0.3.15 10.0.3.15 10
224.0.0.0 240.0.0.0 10.28.98.71 10.28.98.71 10
255.255.255.255 255.255.255.255 2.250.9.33 2.250.9.33 1
255.255.255.255 255.255.255.255 10.0.3.15 10006 1
255.255.255.255 255.255.255.255 10.0.3.15 4 1
255.255.255.255 255.255.255.255 10.0.3.15 10.0.3.15 1
255.255.255.255 255.255.255.255 10.28.98.71 10.28.98.71 1
Default Gateway: 2.250.9.33
===========================================================================
Persistent Routes:
None
C:\>ipconfig
Windows IP Configuration
Ethernet adapter NAT:
Connection-specific DNS Suffix . : replynet.prv
IP Address. . . . . . . . . . . . : 10.0.3.15
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter bridged:
Connection-specific DNS Suffix . : replynet.prv
IP Address. . . . . . . . . . . . : 10.28.98.71
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter {28FB614E-9DDE-482A-B9F9-CB5FEBBCA4DF}:
Media State . . . . . . . . . . . : Media disconnected
Ethernet adapter Network Connect Adapter:
Media State . . . . . . . . . . . : Media disconnected
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 2.250.9.33
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 2.250.9.33
C:\>ping XXXX
Pinging XXXX [2.108.46.91] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 2.108.46.91:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Is this the correct place where to find a solution?
Regards
-Renato
-
- Posts: 30
- Joined: 15. Jun 2010, 02:25
- Primary OS: Fedora other
- VBox Version: OSE Fedora
- Guest OSses: Win 7
Re: "Linux Host", "Windows guest": Cisco VPN routing problem
Which Cisco VPN? Is it an SSL VPN?
I would argue that the GUEST behavior is correct.
When I use Cisco (Not SSL) VPN, I can no longer access my local network, I can only access hosts that are on the opposite side of the VPN tunnel.
I would argue that the GUEST behavior is correct.
When I use Cisco (Not SSL) VPN, I can no longer access my local network, I can only access hosts that are on the opposite side of the VPN tunnel.
-
- Posts: 8
- Joined: 29. May 2010, 19:32
- Primary OS: Ubuntu other
- VBox Version: OSE other
- Guest OSses: Windows XP
Re: "Linux Host", "Windows guest": Cisco VPN routing problem
Hi TonyPh12345,
>Which Cisco VPN? Is it an SSL VPN?
The exact name is "Cisco System VPN Client" actually at version 5.0.07.0290. It is not the SSL VPN Cisco client.
> I would argue that the GUEST behavior is correct.
> When I use Cisco (Not SSL) VPN, I can no longer access my local network, I can only access hosts that are on the opposite side of the VPN tunnel.
The problem is that I cannot reach the remote network! I know that the local network is forbidden, but I am supposed to reach the remote server for which I established the VPN connection. The problem is this one: I cannot reach the server which I supposed to reach. Using a "real" XP, the remote server is available, using che VBox'ed XP, the remote server is not available.
Regards
-Renato
>Which Cisco VPN? Is it an SSL VPN?
The exact name is "Cisco System VPN Client" actually at version 5.0.07.0290. It is not the SSL VPN Cisco client.
> I would argue that the GUEST behavior is correct.
> When I use Cisco (Not SSL) VPN, I can no longer access my local network, I can only access hosts that are on the opposite side of the VPN tunnel.
The problem is that I cannot reach the remote network! I know that the local network is forbidden, but I am supposed to reach the remote server for which I established the VPN connection. The problem is this one: I cannot reach the server which I supposed to reach. Using a "real" XP, the remote server is available, using che VBox'ed XP, the remote server is not available.
Regards
-Renato
-
- Posts: 8
- Joined: 29. May 2010, 19:32
- Primary OS: Ubuntu other
- VBox Version: OSE other
- Guest OSses: Windows XP
Re: "Linux Host", "Windows guest": Cisco VPN routing problem
Hi, is there any way to correct the (probable) bug I have reported?