Guest Ubuntu 10 Server cannot connect to Office via VPN
Posted: 23. Oct 2012, 17:13
Hi;
I have not been able to configure things correctly so that I can use my guest OS (Ubuntu 10.04 64 bit server) to connect to our development and production systems when the host OS (OS/X 10.8.2) is connected via VPN. I am using VirtualBox 4.2.1, which is the latest version for OS/X. Having scoured the forums and the studied the User Manual, I could use some expert information and hope someone can provide some guidance.
The Guest OS is our official development environment so that all team members, local and remote, all have the same system and configuration as our staging, testing and production servers. It would be tremendously helpful to be able to work effectively from home and that is the purpose of this inquiry.
I typically connect only via wireless either when in the office or from home. When in the office, I find that using en1 as a Bridged Adapter over Wi-Fi works fine, even with the AirPort limitations of using IPv4 only. The Guest OS finds the corporate DNS and registers itself. I can ssh into my guest from my host by using the guests' hostname directly, and connect to the office database servers, staging servers, etc. I should mention that I found instructions to set "Enable IO APIC" on for the 64 bit guest OS, and that is set.
When at home, I connect to the office systems via VPN. But, (as I am sure you are aware), the Bridged Adapter bypasses the host OS and uses a device driver on the host system to filter data directly from the physical network adapter. Therefore, the traffic through the Bridged Adapter will never go through the VPN tunnel.
To test configurations, I can switch from the corporate wireless network to a guest wireless network and use VPN. I have been reading the manual and trying different settings. Here is what I have observed about the Guest OS. For these, the VPN is brought up first, then the Guest OS is started:
NAT: Guest OS uses the internal corporate DNS and can ping network servers. However, although the Host OS resolves the Guest OS name.local for pings, the pings are dropped ("Request timeout for icmp_seq X") and ssh cannot resolve the Guest OS name.local. So this is not successful because the guest OS is server only -- no GUI for development. I need to be able to ssh to the guest OS to work in a flexible terminal.
Bridged Adapter: Host OS can resolve Guest OS name.local. Both ping and ssh work (it will probably take a few minutes to update the corporate DNS with the guest's host name, then I will be able to ping and ssh without the ".local" extension). But the Guest OS is using the guest corporate DNS, not the internal DNS. I was able to ping the corporate domain name servers, so I replaces the /etc/resolv.conf settings and forced the Guest OS to use the corporate DNS. Unfortunately, this only works while on the corporate guest network. From home, I have had no luck seeing the corporate DNS, so that trick won't work. I have documented that, from home, the Guest OS cannot even ping the corporate DNS, nor can it ping any of the staging systems or database servers.
It would seem that neither Internal Networking nor Host-only networking are appropriate given the intentions and limitations of those models. It would be great if I could use NAT to get the Guest OS to see the internal corporate DNS and use the Bridged Adapter to access the Guest OS from the Host, but don't know enough to put that specific configuration together.
If anyone has some thoughts on the matter, I would be grateful for some insight.
Many thanks,
Peter
I have not been able to configure things correctly so that I can use my guest OS (Ubuntu 10.04 64 bit server) to connect to our development and production systems when the host OS (OS/X 10.8.2) is connected via VPN. I am using VirtualBox 4.2.1, which is the latest version for OS/X. Having scoured the forums and the studied the User Manual, I could use some expert information and hope someone can provide some guidance.
The Guest OS is our official development environment so that all team members, local and remote, all have the same system and configuration as our staging, testing and production servers. It would be tremendously helpful to be able to work effectively from home and that is the purpose of this inquiry.
I typically connect only via wireless either when in the office or from home. When in the office, I find that using en1 as a Bridged Adapter over Wi-Fi works fine, even with the AirPort limitations of using IPv4 only. The Guest OS finds the corporate DNS and registers itself. I can ssh into my guest from my host by using the guests' hostname directly, and connect to the office database servers, staging servers, etc. I should mention that I found instructions to set "Enable IO APIC" on for the 64 bit guest OS, and that is set.
When at home, I connect to the office systems via VPN. But, (as I am sure you are aware), the Bridged Adapter bypasses the host OS and uses a device driver on the host system to filter data directly from the physical network adapter. Therefore, the traffic through the Bridged Adapter will never go through the VPN tunnel.
To test configurations, I can switch from the corporate wireless network to a guest wireless network and use VPN. I have been reading the manual and trying different settings. Here is what I have observed about the Guest OS. For these, the VPN is brought up first, then the Guest OS is started:
NAT: Guest OS uses the internal corporate DNS and can ping network servers. However, although the Host OS resolves the Guest OS name.local for pings, the pings are dropped ("Request timeout for icmp_seq X") and ssh cannot resolve the Guest OS name.local. So this is not successful because the guest OS is server only -- no GUI for development. I need to be able to ssh to the guest OS to work in a flexible terminal.
Bridged Adapter: Host OS can resolve Guest OS name.local. Both ping and ssh work (it will probably take a few minutes to update the corporate DNS with the guest's host name, then I will be able to ping and ssh without the ".local" extension). But the Guest OS is using the guest corporate DNS, not the internal DNS. I was able to ping the corporate domain name servers, so I replaces the /etc/resolv.conf settings and forced the Guest OS to use the corporate DNS. Unfortunately, this only works while on the corporate guest network. From home, I have had no luck seeing the corporate DNS, so that trick won't work. I have documented that, from home, the Guest OS cannot even ping the corporate DNS, nor can it ping any of the staging systems or database servers.
It would seem that neither Internal Networking nor Host-only networking are appropriate given the intentions and limitations of those models. It would be great if I could use NAT to get the Guest OS to see the internal corporate DNS and use the Bridged Adapter to access the Guest OS from the Host, but don't know enough to put that specific configuration together.
If anyone has some thoughts on the matter, I would be grateful for some insight.
Many thanks,
Peter