Restricting NAT Network to a virtual VPN adapter
Posted: 20. Nov 2015, 00:44
HostMachine is Windows 7 64, running VirtualBox. I want HostMachine to use my normal internet connection, rather than the VPN. (I don't mind if it has a VPN adapter, I'd just want it to be lower priority than my true adapter.) It would be "OK" if HostMachine had weird scenarios that would use the VPN, but speed is way slower.
ClientMachine is Windows 7 64. I want ClientMachine to only be able to use the VPN. Under no circumstances, even if the VPN is disconnected or the adapter is even deleted, do I want ClientMachine using my normal internet connection. (Other than sending VPN'ed traffic to VPNServerMachine.)
VPNServerMachine is linux, running OpenVPN.
I think I'm right up to the last step in getting this work.
HostMachine has my real network adapter as a higher priority over the virtual OpenVPN TAP adapter. I'm able to connect its OpenVPN to VPNServerMachine. Web browsing uses my ISP. The VPN is up and running, because I can ping VPNServerMachine from HostMachine.
In HostMachine VirtualBox, I set up a NAT Network, name NATNet, CIDR 10.0.2.0/24. ClientMachine has an IP of 10.0.2.4. It's acting identical to HostMachine. Web browsing uses my ISP. It can also use the VPN for those IPs -- I can ping VPNServerMachine from HostMachine, without HostMachine running any OpenVPN software.
So, how do I tell HostMachine's VirtualBox to ONLY under any circumstances use the OpenVPN TAP adapter for NatNet? Or, similarly, how do I tell HostMachine's VirtualBox to NEVER under any circumstances use the actual adapter?
In case someone hasn't looked at this before, no, using bridge mode doesn't work. It bypasses the VPN software running on the host, and there are numerous posts saying that will never work.
ClientMachine is Windows 7 64. I want ClientMachine to only be able to use the VPN. Under no circumstances, even if the VPN is disconnected or the adapter is even deleted, do I want ClientMachine using my normal internet connection. (Other than sending VPN'ed traffic to VPNServerMachine.)
VPNServerMachine is linux, running OpenVPN.
I think I'm right up to the last step in getting this work.
HostMachine has my real network adapter as a higher priority over the virtual OpenVPN TAP adapter. I'm able to connect its OpenVPN to VPNServerMachine. Web browsing uses my ISP. The VPN is up and running, because I can ping VPNServerMachine from HostMachine.
In HostMachine VirtualBox, I set up a NAT Network, name NATNet, CIDR 10.0.2.0/24. ClientMachine has an IP of 10.0.2.4. It's acting identical to HostMachine. Web browsing uses my ISP. It can also use the VPN for those IPs -- I can ping VPNServerMachine from HostMachine, without HostMachine running any OpenVPN software.
So, how do I tell HostMachine's VirtualBox to ONLY under any circumstances use the OpenVPN TAP adapter for NatNet? Or, similarly, how do I tell HostMachine's VirtualBox to NEVER under any circumstances use the actual adapter?
In case someone hasn't looked at this before, no, using bridge mode doesn't work. It bypasses the VPN software running on the host, and there are numerous posts saying that will never work.