I'm trying to setup my parallels session to use host only networking with the internet connection sharing (NAT) enabled so all of my sessions can talk over my vpn connection to work. I've changed my network adapter for my parallels session to use host only and I enabled the connection sharing in the Mac control panel but my windows session is getting a 169.... IP (one of the microsoft default type addresses). What else do I have to enable to make this work? bridged neworking was working fine but I couldn't talk to work with my sessions that way. thanks, Bill
DHCP setup in host-only networking While we're at it, can someone explain how the DHCP server is supposed to work with the Host Only Networking option? Parallels asks you to put enter a DHCP scope in the preferences with a range that defaults to "10.37.129.*". Sometimes, however, I get an address from the Mac's "Internet Sharing" feature, which has the network address "192.168.2.*". And sometimes, DHCP doesn't seem to work at all... this all seems very flaky and random as to which type of address I get (or whether I get one at all). It would proably help if Parallels would provide a little bit more detail somewhere in their documentation (it's hard to believe that the ~200 page instruction manual doesn't explain this somewhere).
Parallels DHCP server provides IP addresses for (virtual) network to which your Mac connects through Parallels Host-Guest Adapter (en2). However, when Internet Sharing is activated it brings up its own DHCP server (bootpd). Parallels DHCPd deactivates itself when IS is on. If you're having troubles with Internet Sharing check the following: 1. Your Internet Sharing has actually started, i.e. Sharing preferences pane has 'Stop' button, not 'Start'. 2. Make sure natd is running by typing 'ps axuww|grep natd' in the terminal 3. Make sure bootpd is running 'ps axuww|grep bootpd' 4. See if there are error messages fom natd or bootpd in the system log By the way, are you sure that your VPN client does support sharing the connection through IS? It is possible that VPN policy forbids local networking (which networking on en2 actually is).
I've shared the vpn connections before with vmware sessions and such si I'm pretty sure that will work. Right now I can't get the parallels session to reach the network at all using the host-oply option. I didn't see the natd process running even though the connection sharing was running. I stoped and started connection sharing. Now I see the processes running on the Mac. schwartz@fuelex9 ~ $ ps -axuww | egrep -e 'natd|bootpd' schwartz 1514 1.4 0.0 27352 424 p3 S+ 3:16PM 0:00.00 egrep -e natd|bootpd root 1459 0.0 0.0 27316 240 ?? Ss 2:55PM 0:01.82 /usr/sbin/natd -alias_address 129.80.90.222 -interface en0 -use_sockets -same_ports -unregistered_only -dynamic -clamp_mss -enable_natportmap -natportmap_interface en2 root 1460 0.0 0.1 27824 904 ?? Ss 2:55PM 0:00.01 /usr/libexec/bootpd -P The Mac appears to be giving the parallels session an IP. Jun 8 14:58:15 FuelEX9 bootpd[1460]: DHCP INFORM [en2]: 1,0:82:2:a:64:b2 <fuelex9-winxp> Jun 8 14:58:18 FuelEX9 bootpd[1460]: DHCP INFORM [en2]: 1,0:82:2:a:64:b2 <fuelex9-winxp> Jun 8 14:58:18 FuelEX9 bootpd[1460]: ACK sent fuelex9-winxp 192.168.2.2 pktsize 300 The PC can't even ping the gateway. Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\schwawh>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : stortek.com IP Address. . . . . . . . . . . . : 192.168.2.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.1 C:\Documents and Settings\schwawh>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.2.1: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), C:\Documents and Settings\schwawh>
On the Mac I see this for the parallels virtual interface. en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::201:23ff:fe45:6789%en2 prefixlen 64 scopeid 0x8 inet 10.37.129.2 netmask 0xffffff00 broadcast 10.37.129.255 inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 ether 00:01:23:45:67:89 media: autoselect status: active supported media: autoselect It has 2 IP addresses there, is that right?
It's OK for en2 to have two IP addresses when IS is on. But I'm still not convinced in compatibility of your VPN and Internet Sharing. Whatever worked for you in host Windows/Linux with vmware NAT doesn't count on Mac OS X. Mac implements NAT differently. What VPN are you using?
It's the Cisco VPN client. But in the above case where I try to ping my gateway and it fails the VPN isn't connected. I can't get the nat to work at all. Bridged networking works great
Hmm... What happens if you stop Cisco VPN by 'sudo SystemStarter stop CiscoVPN'? Does Internet Sharing to en2 work now?
I ran that command and it said it was unloaded. schwartz@FuelEX9 ~ $ sudo SystemStarter stop CiscoVPN Password: kextunload: unload kext /System/Library/Extensions/CiscoVPN.kext succeeded I then shutdown my parallels session, changed the network over to host-only. Started the connection sharing on the Mac side. Restarted the parallels session. The logs on the mac show a dhcp address being handed out but I still can't ping the gateway from the Parallels session. Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\schwawh>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : theschwartz.net IP Address. . . . . . . . . . . . : 192.168.2.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.1 C:\Documents and Settings\schwawh>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.2.1: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), C:\Documents and Settings\schwawh>
ok, it looks like it's the Mac firewall that's blocking things. I disabled the stealth mode and now I can ping the gateway from the Parallels session. How do I open the right stuff on the firewall so the shareing works but so nothing can come in yet?
Did more playing around. The CiscoVPN client can have it's kernel module loaded and the sharing will work. But once you connect the vpn then it kills natd. Restarting natd by hand doesn't seem to work. So 2 problems here. first I'm not sure how to configure the firewall on the Mc to allow the connection sharing and secondly the vpn client drops natd when it's connected. Doesn't look good unless someone has an idea I can try. Probably not a Parallels problem though
You should have all the ports that you're going to access from VM open. In particular you should enable Personal Web Sharing in firewall settings for VM to browse the web.
One thing I've found is that if I put my MBP to sleep, it seems the Host Only networking seems to break. I think that's talked about elsewhere on this forum, but just a note as well.
I posted my experiences under the networking faq http://forum.parallels.com/thread1877.html. We are using 802.1X authentication for network access. The symptoms are the same as schwartz wrote for VPN: connecting the host to the private networks kills the network sharing of the MAC. So if we could found a workaround for this problem, it would be really great.
