Tunneling host traffic through guest?

[brbvb]

Fedora 11 host. XP guest. Vbox 2.2.4. I need to connect to a vpn but there is no linux client and I have not had any luck finding a hack. I can connect to the vpn through the XP guest no problem. Does virtualbox provide a way to allow the host to tunnel traffic through the guest so that I can access the vpn through linux instead of having to use XP?

Thank you for your time.

[vbox4me2]

By using 2 interfaces, route traffic from one to the other.

[brbvb]

By using 2 interfaces, route traffic from one to the other.

Thank you for your suggestion. I've actually been trying to do it this way but I discovered that apparently the vpn client on my XP guest is disabling ip forwarding (even though I have it set explicitly to 1 in the registry). So I was hoping that vbox had some way to allow the host to use the guest network without needing ip forwarding so that the vpn client wouldn't notice.

Right now I am using proxy servers on the XP guest for web browser and ftp from linux to the vpn. I was just wondering if there is a more elegant way to access the vpn on the XP guest from the linux host.

[vbox4me2]

Look at the default gateway when the vpn is active, you can disable that and use specific routing commands to get this done.

[brbvb]

Look at the default gateway when the vpn is active, you can disable that and use specific routing commands to get this done.

I'm sorry, it is probably because I do not have a lot of knowledge of networking that I do not understand what you are saying. I have discovered that the vpn client will not allow my XP guest to forward any traffic that does not originate from the guest itself. I can make a tcp/ip connection between the two of them just fine (in fact, I am running proxy servers on the XP guest to allow applications on the host to access the vpn). And I know how to configure my linux host to use the XP guest IP address as a gateway for the private IP addresses in the vpn. But when I look at the log files for the checkpoint secure client on the XP guest I can see that it is dropping all of the packets from my linux host destined for the vpn. In other words, it will not let my XP guest forward those packets on to the vpn even though I have IP forwarding enabled in the registry. So the problem does not seem to be gateways as I can see from the logs that my linux host is trying to use the XP guest as a gateway. The problem seems to be that my XP guest is not being allowed to forward any packets it receives from my linux host. Thus, I am inquiring if there is a workaround which will allow my linux host to use the XP guest network by appearing to originate from the guest network in order to fool the secure client software I have to install to access the vpn on my XP guest.

I hope that makes sense. Thank you for your time.

[vbox4me2]

The answer is still the same, routing will take care of that, read some tcp/ip tutorials about it.

[brbvb]

The answer is still the same, routing will take care of that, read some tcp/ip tutorials about it.

Excellent, I am excited to get this working. I don't mean for you to do all of my work for me, I am more than happy to learn this myself, but could you give me a hint as to what exactly I should be reading? Is there a special trick to employ here? What phrase should I google for.

Thank you again for your help. When I figure this out I will put up a web page so that others in my situation can learn from it and you will have one less question to answer here in the future

[vbox4me2]

Its like a toaster, you stick it in and power it on.
http://www.google.nl/search?hl=nl&q=tcp ... rial&meta=

[chronoboy]

Not sure if this will help or not, but here it goes...

Your Windows VPN client should be creating a new network interface in the Networking connections, correct?
If this is correct, you should have two interfaces configured on your VBox guest, one being either NAT or Bridged and the other being host-only.

Okay, now on your Linux host, you should have two connections as well, one would be your outbound Internet connection which the Windows guest is either NAT'd or bridged to. The other interface would the host-only interface connected directed to the guest system.

After you have confirmed the above and successfully connected to your VPN, bridge both your VPN interface in the guest with the host-only interface using the standard Windows XP bridging tool in Network connections.

Now you should have a host-only connection on your Linux host which is bridged to the VPN connection on your Windows guest. Next step is to make a change to the Linux guest host-only network interface, by using both the ifconfig and route commands to set up the correct routing for the traffic.

Once everything is correctly set-up, your Linux host will connect through your Internet connection for all Internet IPs, and connect to the host-only interface bridged through the VPN for all IP addresses in your companies subnet mask. Samba should also be-able to connect to shares as well, although I am not completely sure.

If you really want to connect to internet IP addresses from your Linux host using the VPN bridge, then you need to play with the route command and make sure that the VPNs IP address is still correctly routed to the Internet, but all other routing is handled by the VPN bridge. This maybe tricky to pull off, however using a bridged VBox network for outbound connections for the Windows guest should remedy this, as the windows guest will use your ISPs gateway, and your Linux host will use the VPNs gateway.

Hope this helps you solve your VPN issue, or at least gives you some ideas on how to tackle it.