Another VPN Query! VPN Sites not accessible, can't use shared adapter.

Hi all,

I'm testing Parallels 6 on my MacBook Air with a view to purchasing if I can get this working.

I use Cisco VPN on my MacBook to connect to my work network and use the local sites and services. One of these is Microsoft Dynamics 4.0 CRM, which unfortunately only works on Internet Explorer.

I have set up a VM in order to use IE in Coherence mode and therefore have access to the web-based CRM, which is only accessible via the VPN.

My problem is that I can't get the VM to see the local CRM site. It has internet connectivity, but not to sites that are available only through the VPN.

I have had to disable IP4 DHCP in Parallels settings, as having this enabled caused Cisco VPN client to disconnect after a few seconds (error 422). The common solution on the web was to disable this. When I did this, I stopped losing VPN connectivity, but did not have internet connectivity on the VM. So I changed the VM network settings to "default adapter" rather than "shared" and the internet came up, but still no VPN sites.

I hope I have explained this well enough - I think I need shared network enabled on the VM to use the VPN sites, but I can't do this because my VPN won't connect if I have DHCP enabled in Parallels general settings and when DHCP is disabled, only using the "Default adapter" provides internet settings.

Thanks in advance for your advice.

 

Ok it is working now! It seems that by only disabling DHCP for Shared Mode and leaving Host Mode enabled, this is enough to prevent Cisco VPN from disconnecting, but also allows for the VM to access internet + VPN sites. Happy days!

 

It is a kind of new for us information, thank you for posting.

I will keep an eye on this problem..

This information is just generic and I don't expect that you need it, but may be someone else will see this topic and will post something:

there could be two possible root-causes of this problem:
1) There is a coflict of ranges. In this case changing in the Parallels Desktop -> Preferences -> Shared Networking DHCP Range from 10.211.55.1-10.211.55.255 to say 10.212.55.x will help

2) Cisco doesn't like Parallels DHCP at all. In this case it is really needed to disable DHCP and configure Windows VM to use static address 10.211.55.5, Gateway = DNS = 10.211.55.1 (while keeping DHCP range 10.211.55.x)

 

Thanks for your reply. I thought I had fixed the problem but unfortunately it us happening again so your advice wry helpful and will try it out. I have to disable DHCP in order for Cisco VPN to stat connected so I will try the static address configuration you recommend.

 

Hi Eric,

I have tried the above option but Win7 VM still cannot see any sites that are only available over the VPN. I have disabled DHCP and set up the IP4 DNS settings on the VM as follows:

IP: 10.211.55.5
Subnet: 255.255.255.0
Gateway: 10.211.55.1
DNS: 10.211.55.1

Can you think of a reason why the VM can go on the internet but not the VPN sites? Parallels networking is configured as Shared.

 

Thank you for the information that disabling DHCP helps. We should think here on how to not reply if DHCP comes not from parallels virtual machine..

==

About problem connecting to VPN sites:
it is likely due to DNS-issue. Actually, the behaviour your are describing is not the expected one (I was pretty sure that there are no single problem here). It is supposed to work. Parallels Shared Networking should detect that VPN is connected and redirect DNS-requests to the VPN. I'd appreciate if you could

enable Verbose Logging via menu "Parallels Desktop -> Preferences -> General -> Use detailed log messages", then while connected to VPN try to connect to some VPN'd server. Then click menu of Parallels Desktop "Help" -> "Report a Problem" and post a problem report (the description is not necessary) and post here its id. After that disable the Verbose Logging.

==
What about workarounds:

1) May help open VPNd site using full name (Fully Qualified Domain Name). For example full name (while I'm in parallels-network) for server foo is foo.parallels.com

2) Another workaround is to make the VPN's dns-server be a primary DNS server at Windows-side: open LocalAreaConnection preferences -> TCP/IP v4 -> and make this dns-server be Primary DNS Server. Secondary should be 10.211.55.1 - Parallels Shared Networking DNS server. It should work even if VPN connection is not established.

Afair, it is possible to obtain ip address of VPNd DNS-server by starting /Application/Utilities/Terminal and executing command "scutil --dns" (without quotes) and searching the server that looks like vpn'ed-one.

 

Thanks for your reply. I have been experimenting with different settings (my understanding of networking isn't good enough to make educated changes so I've been guessing somewhat) and currently it is working again! Note that it worked before then stopped again so only time will tell if this will stay working.

Here are the settings I'm using:

VM network option: Shared
Parallels networking settings: DHCP IPv4 enabled, range 10.211.55.10 to 10.211.55.254, subnet 255.255.255.0.
VM adapter settings: DHCP enabled (automatically obtain IP addresses)

Before, if I enabled DHCP in Parallels settings, Cisco VPN would not stay connected. By changing the start DHCP range it seems that it is now working.

Thanks for your suggestion of changing the DHCP range, that seems to be the fix!