[Solved]Can't get my VPN to work on a specific port...

tigercorp · Post by **tigercorp** » 15. Sep 2008, 10:11

Hi,

I've got Virtualbox 1.6.4 running on Hardy Heron.

An XP guest has the Cisco VPN client 5.0... installed and will connect out of the box using UDP.

*** I need it to work on TCP port 10000 ***

The XP guest can access the internet fine using NAT and I would prefer to NAT rather than bridge.

The Hardy host can telnet to the vpn server on port 10000.
There's no firewall set up on the host and its switched off on the guest.

I've set up port forwarding for TCP 10000.
Running "VBoxManage getextradata XP-Work enumerate" returns

Key: VBoxInternal/Devices/pcnet/0/LUN#0/Config/vpn_10k/HostPort, Value: 10000
Key: VBoxInternal/Devices/pcnet/0/LUN#0/Config/vpn_10k/GuestPort, Value: 10000
Key: VBoxInternal/Devices/pcnet/0/LUN#0/Config/vpn_10k/Protocol, Value: TCP

Anyone got any trouble shooting ideas?

Post by **Sasquatch** » 15. Sep 2008, 20:47

VPN traffic should work with NAT. I don't know if the Cisco VPN Client actually works right with NAT. You can try searching here on the forums, as other users have VPN with NAT without issues.

tigercorp · Post by **tigercorp** » 16. Sep 2008, 04:11

It does actually work with NAT -> it works when UDP is the protocol.

Because of that I'm thinking my question is more a port forwarding one. Does my port forwarding setup look right? Is there any trouble shooting steps I can do to check that port forwarding is working?

I've searched the forums but can't find anyone with a similar problem. I'm thinking I might try bidging/Host Interface Networking if I don't get any joy from this thread...

Post by **Sasquatch** » 16. Sep 2008, 20:00

Your port forwarding looks just fine. You can test this if you enable a service like RDP or a webserver (default install of XP also has telnet which you can set up, though might not be available on Home, just like RDP) on that port and try to connect from the outside to it using the Hosts IP address (you can use localhost if you try it from the host itself).

tigercorp · Post by **tigercorp** » 17. Sep 2008, 01:44

Thanks for the suggestion.

I can telnet from the guest to the vpn server on port 10000 so it seems the port forward does work.

The bare hardware is set up with dual boot Ubuntu and XP so I've tried using the same vdi with the XP host. Set up port forward, telnet from guest works ok but still not the vpn. Again, vpn over UDP works fine.

BTW, the vpn works fine on port 10000 from the XP host.

Post by **Sasquatch** » 17. Sep 2008, 19:44

What if you remove the port forwarding rule? As you state, using UDP works and the forwarding is set for TCP.

tigercorp · Post by **tigercorp** » 18. Sep 2008, 09:25

With no port forwarding I can still telnet from the guest to the vpn server on 10000.
Vpn still doesn't work.

Post by **Sasquatch** » 19. Sep 2008, 22:30

And if you use a port lower than 10000? IIRC, there was an issue with port forwarding and high port numbers.

tigercorp · Post by **tigercorp** » 22. Sep 2008, 05:29

The VPN server only accepts connections on TCP 10k, 443, 80 and 22 which don't work from the guest.

I've finally gotten round to trying Host Interface Network with Bridging and that works fine for all ports, so I guess I'm going to just go with that and not use NAT.

Thanks for the help Sasquatch, can you please mark this as solved?