Host VPN Connection Causes Loss of Guest OS Network Route

Discussion in 'Linux Virtual Machine' started by zmonster, Aug 17, 2011.

  1. zmonster

    zmonster Member

    Messages:
    28
    I have Mac OS X Host, Ubuntu Guest/VM, Shared Networking.

    When I'm connected to the "internet", everything works fine. I can ping my Ubuntu VM (named 'ubuntu') just fine using

    ping ubuntu.local

    However, I often have to connect my Mac to a company VPN (Juniper), which then causes the Mac's IP address to change to a different subnet. Once that happens, the Mac can no longer ping/hit the VM. In my case, after VPN connection, the Mac IP==10.1.115.78, and the Ubuntu IP==10.211.55.4. Note that the name resolution still works; ping ubuntu.local still resolves to 10.211.55.4, it's just that the Mac no longer has a 'route' to that IP.

    I am assuming there is a really easy fix for this (as you can tell I am a networking idiot). I've tried switching the Parallels networking type to Bridged, Host only, etc, to no avail. Ideally I want the routes to work whether the Mac is connected to VPN or not, and I want the Ubuntu to continue to have internet access.

    Do I have to add a hard-route to the Mac's route tables or something?
     
    Last edited: Aug 19, 2011
    zmonster, Aug 17, 2011
    #1
  2. zmonster

    zmonster Member

    Messages:
    28
    Anyone? Please? :)
     
    zmonster, Aug 19, 2011
    #2
  3. Elric

    Elric Parallels Team

    Messages:
    1,718
    Hi,
    while connected, start the /Application/Utilities/Terminal, run the command "netstat -nr" (without quotes) and send me via private message the output.

    There is a small chanse that it is possible to correct this behaviour (if it is just a routing conflict between Parallels and your VPN). But if there is no conflict, then the situation is likely the following:

    some VPN clients forbids all other network interfaces and routes at connect to VPN to provide additional security and avoid secure-data leaking. And forcibly disconnects from VPN as soon as see routing-table changes. So, if your Juniper behaves this way (I believe that is smart from their side), then change of routing table will not be possible.

    You can try to setup PortForwarding for Parallels Shared Networking to your VM for some TCP-ports (for example, to ssh-port 22). It could be done in the menu of Parallels Desktop -> Preferences -> Advanced Settings -> Change Network Settings -> SharedNetworking. Add the rule incoming_port=22, ip_address=<ip_of_vm> (10.211.55.4?), destination_port 22. Then you will be able to
    ssh <ip_of_your local machine>
    and this will be redirected to the VM
     
    Elric, Sep 2, 2011
    #3

Share This Page