Networking doesn't work with Cisco VPN

Discussion in 'Parallels Desktop for Mac' started by Mark, Apr 29, 2006.

  1. Mark

    Mark Member

    Messages:
    32
    Networking is working fine for me both at home and at work. I'm able to access both the internet and my local machine. However, if I'm at home and I VPN into work, I can no longer access any resources on either the internet or local machine.

    Also, running Parallels seems to sometimes make the Cisco VPN client unable to finish disconnecting or connect.

    Any ideas?

    Mark
     
  2. dhjdhj

    dhjdhj Hunter

    Messages:
    220
    I don't know how you are running your VPN client but I have installed and run the Cisco VPN client inside the Windows VM session and had no problem accessing everything. I doubt that this is a Parallels specific issue.
    D

     
  3. gander2112

    gander2112 Junior Member

    Messages:
    12
    Do you get through to your company's internal network via the Cisco VPN client? If so, then odds are that it is working as designed. The Cisco package by default blocks all access locally when you have logged into the VPN, and insists upon sending and servicing all network requests through the company and thus you will lose access to other "local" systems.

    Not sure about the disconnect/connect issue. I haven't set it up yet, since I usually just VPN through my mac.

    Geoff
     
  4. Mark

    Mark Member

    Messages:
    32
    I've been able to connect via VPN from within Windows just fine. However, then I can't access my folders on the Mac. I can also VPN connect from the Mac, however, then I can't access anything from Windows.

    What I want to be able to do, is to have My Documents reside in a folder on my Mac and to be accessed by Windows. That way, if I ever have multiple VMs, etc, they can share the files. I also worry about having my data in a VM. My email data files reside here. Right now, I'm doing this by sharing the folder out using networking, not using Shared Folders and not using Host-only networking.

    Ideally, I'd be able to VPN from the Mac and have both Windows & Mac apps be able to access work and for me still to be able to have access to the files on my Mac from Windows.

    So my problem is that no matter which route I take, I can't VPN and access my files from Windows. Using the Shared Folders is possibly one way around this, though right now, they're so bad that they're unusable. Outlook can't seem to find them.

     
  5. Paul Linden

    Paul Linden Member

    Messages:
    76
    Did you try setting local LAN access for your VPN connection?
    Select the connection, then Modify/Transport/Allow Local LAN Access.

    I'm able to access my work's VPN using the Cisco client from a Windows install, no problem.
     
  6. mwhitted

    mwhitted Bit poster

    Messages:
    7
    I need to run the Cisco VPN on the Host machine (MacBook Pro) and access that VPN connection from the WinXP VM. Any suggestions? I can run the VPN just fine on the Host OR the VM.
     
  7. alkalifly

    alkalifly Hunter

    Messages:
    139
    Host on VPN kills connection to guest

    I've been posting about this for days (see http://forum.parallels.com/post5404-1.html and http://forum.parallels.com/post6274-29.html), and have sent bug reports/support requests to support@parallels.com, and I haven't heard anything yet. Now at least I finally know I am not alone.

    I am using Cisco VPN client version 4.9.000 (Universal Binary build for Macintosh). I got it from my school; it is pre-configured to connect to the right VPN host, I simply enter my userID and password, and I have "Allow Local LAN Access" checked. The tech people at my school (who maintain the VPN service) say that the VPN should be transparent to Parallels when Parallels is running in bridged mode; even though a user can only be logged on to the VPN from one machine at a time, connecting the Mac host to the VPN should allow the Windows guest to maintain its original, unsecure connection. They also said that in host-only mode, as long as the "Enable Local LAN Access" is checked, that the host should be able to share the VPN connection with the guest, allowing both machines access to the VPN at the same time through a single logon. Either of these situations would be workable to me (the second would be preferable) but I am able to achieve neither.

    I did extensive tests with beta 5, and determined that when I was using bridged networking (having the guest and host each getting IP addresses via DHCP from my router), if I connected the host to the VPN, the guest could no longer connect to websites, but it could still connect to the host machine's shared folders, however the host machine could not make connection to the guest until I disconnected the host from the VPN. Furthermore, when I was using host-only networking, and sharing an internet connection from the Mac to the guest, connecting the host to the VPN would kill the guest connection to the internet (i.e. it could no longer connect to websites) but left the file sharing connections between guest and host intact.

    Now, with beta 6, it seems as though everything is the same in the bridged-networking situation. However, since beta 6, using the VPN with the host has been causing VERY strange and unpredictable behavior. It has been causing all sorts of problems where I am unable to open a terminal window, or if I can open one, I am unable to execute any commands at the command line (either in Terminal.app or X11.app) until I restart my Mac. I will post more details on this behaviour after I can test to verify whether there is any consistency.
     
  8. rwhiffen

    rwhiffen Junior Member

    Messages:
    11
    Keep in mind, Alkalifly, that the "Allow Local LAN Access" only works if the VPN server allows it. I know for sure that my company does not. I can set all the options I want: Local LAN, Firewall, whatever, and it doesn't matter at all. The VPN policy at the end point you are connecting to has the authority to override your settings. So I'm not 100% sure this is a Parallels bug alone.

    Cheers,
    Rich
     
  9. alkalifly

    alkalifly Hunter

    Messages:
    139

    Thank you for the input, Rich. However, I am pretty sure that I should be able to do this because the administrators who set up the VPN service for my campus said that it is allowed and should be possible. Of course, they could be wrong :rolleyes:

    Also, it is not absolutely imperative that I get the VPN going to the guest as well. If I could connect my host to the VPN but still maintain a plain vanilla internet connection in the guest, I would be able to work just fine like that. Unfortunately, I have not been successful in that, using either bridged or host-only methods :(

    Are any of the Mac VPN users able to do at least this much? (Mac -> VPN, Windows XP guest -> unsecured connection)
     
  10. jsolderitsch

    jsolderitsch Member

    Messages:
    54
    I can do "this much".

    I am VPN'd using Cisco's latest VPN client on my host OS (10.4.6 on a Macbook Pro) -- I just checked and was able to get access to a private web server behind our firewall.

    I then booted up my Guest OS (Win XP/SP2) and verified using ipconfig that I have a good DHCP-assigned address. I then fired up Firefox and am able to get to the internet using the DHCP connection.

    I am using Bridged with Default Adaptor selected. Right now, I do not have an ethernet cable plugged in so that means I am bridging to the airport connection.

    I am using beta 6 with the hotfix applied.

    So I am able to do what you seem not able to do.

    Jim
     
  11. alkalifly

    alkalifly Hunter

    Messages:
    139
    Hi Jim,

    I would really like to figure out why I can't do exactly what you described, and I think I might have figured something out.

    When I first got my DSL connection at home, there was some problem with something that I have now forgotten the details of, but I called my ISP and they told me to manually assign the DNS servers on my router to specific addresses (provided by the ISP). This made everything work.

    Fast forward to now. I followed all of the steps you outlined above, with the addition of executing the nslookup command from the DOS prompt in addition to the ipconfig command. If I run the Windows XP guest WITHOUT connecting the Mac host to the VPN, ipconfig returns a valid IP assigned by the router, and nslookup returns the DNS server specified in my router setup. When I run a Windows XP guest WITH the Mac host connected to the VPN (I connected to the VPN before booting up the guest to be consistent with the methods you outlined above), ipconfig returns the same valid IP address, but nslookup returns the following:

    DNS request timed out.
    timeout was 2 seconds.
    *** Can't find server name for address 4.2.2.1: Timed out
    DNS request timed out.
    timeout was 2 seconds.
    *** Can't find server name for address 4.2.2.2: Timed out
    *** Default servers are not available
    Default Server: UnKnown
    Address: 4.2.2.1


    Where 4.2.2.1 and 4.2.2.2 are the DNS addresses I specified in my router setup utility. And, at this point, I cannot load any webpages on the guest, even if I type in their numerical addresses rather than their names. Also, at this point, I can no longer connect to the guest's shared folders from within the Mac OS Finder. I also cannot connect from within the Windows guest to the Mac even though I have Windows Sharing turned on in the Mac (and it works when the Mac is not on the VPN). However, I can still access the shared folders that I set up using the Parallels built-in shared folders feature.

    Any suggestions on how to resolve this issue would be most appreciated.

    Thanks,
    Paul
     
  12. michaelbo

    michaelbo Bit poster

    Messages:
    5
    I run the Cisco client in the Windows environment through an AirPort and it works perfectly. However, I cannot connect when the Cisco client is on the Mac.
    I believe this is due to some kind of authentication protocol that OS X doesn't support.
     
  13. alkalifly

    alkalifly Hunter

    Messages:
    139
    Any further details on this? I, too, can run the Cisco client in the Windows environment (as long as I can connect the Windows environment to the internet) but it is really for the Mac that I need it. Any information on the authentication protocol you are speaking of would be helpful.
    Thanks
     
  14. jsolderitsch

    jsolderitsch Member

    Messages:
    54
    My success with VPN

    Well, I just tried this again.

    Running Cisco VPN on Mac OS X 10.4.6.

    Booted up the XP/SP2 VM in Parallels.

    I continue to get full outside internet access.

    I did run nslookup from a DOS command window both with and without the VPN running on the host. It returns a name server address -- doesn't time-out -- that is consistent with my Verizon DSL and I get the same name server no matter if the host is running the VPN.

    I checked my /etc/resolv.conf settings in OS X and when the VPN is not running, I get the same name server reported. When I am VPN'd in, resolv.conf reports an internal name server address consistent with what I see when I am actually in the office.

    I should mention one other wrinkle. My dhcp server is actually an old Mac running OS 9 using the IPNetRouter software. I keep meaning to get a hardware router with dhcp for my DSL connection but maybe if I did, I'd lose this ability to let my Parallels VM still keep connected when I do VPN the host OS.

    I am sorry I can't help solve your immediate problem except to say that things work as expected for me still.

    Edit: I just quit the VPN on the host OS, re-booted the guest XP/SP2 and then ran the Cisco VPN client inside the guest. This worked as well -- got full internet access -- and the dns address reported from nslookup now is the internal office one.

    Jim
     
    Last edited: May 4, 2006
  15. MicroDev

    MicroDev Hunter

    Messages:
    122
    I had similar problems. Here's how I configured it to get both the host and client to work at the same time (using AirPort):

    Mac Setup:
    Cisco VPN 4.9.00
    TCP port 10000 - no local LAN access
    In sharing preferences, I shared the AirPort connection and checked only Ethernet Adaptor (en2)

    PC (XP Guest) Setup:
    Cisco VPN 4.8.00
    TCP port 10000 - no local LAN access

    I was able to get both to work independently and be able to lookup the various hosts independently regardless of the connection.

    My specific problem symptoms:
    Before sharing, from the guest, any IP address that is within the target domain of the VPN failed to resolve. If, for example, I established a VPN with vpn.parallels.com, the Windows guest could not resolve any address in the parallels domain. It could still resolve addresses outside of the domain however. Unfortunately, because it could not see any servers inside the target domain, there is no way to connect to it. Even if you try using the IP address it fails. I'm no network expert but it seems like the routing table is hosed to me. Once the connection is shared, this problem seems to disappear.
     
  16. jsolderitsch

    jsolderitsch Member

    Messages:
    54
    One wrinkle for me -- my Cisco config is set to use UDP. That's what my network admin directs me to use. I have local LAN set to on as well.

    I suspect that your solution would work to get both host and guest OS's to both be VPN'd in if my Cisco server software is set to allow TCP connections.

    Right now I do not have a pressing need to get simultaneous VPNs from both host and guest sides. If I do, I will come back to these instructions and try it out -- if my network setup in the office allows TCP -- I would have to check that.
     
  17. MicroDev

    MicroDev Hunter

    Messages:
    122
    I have one client where I have to use this POS Cisco software. They too default to UDP but I simply switched it to TCP a long time ago and opened an outbound port for it. My experience with Cisco UDP has been bad even before Parallels. I was not able to get the UDP connection to work at all but I didn't work the issue too hard.

    If you must go this route, it goes without saying that you should first allow all UDP traffic through your local hardware firewall (if any), then turn off the Mac and Windows firewall altogether. Once (if) you get this working, start turning on the firewalls in reverse order (Win-Mac-Hardware) and limit the high end UDP addresses on the hardware firewall.
     
  18. mwhitted

    mwhitted Bit poster

    Messages:
    7
    My VPN host won't let me connect twice from the same IP address, and it sees the same IP address (that of my router) for both the Mac and the VM. What I want (I think) is for the VM to use the Mac's VPN connection. My network people are telling me that VMWare can do that. But they're also calling that a "bridged" connection. I'm so confused. :confused: Fortunately, this is only an issue for me about every other Friday when I work from home. Connected directly at the office, I have no problem. EXCEPT, since BETA6, the connection keeps dropping periodically for long enough that my SAP client loses connection to the SAP application server and I have to restart that. :rolleyes:
     
    Last edited: Jun 2, 2006
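
Added example, not part of any post in this thread: a simplified routing model of the behaviour described in posts 3, 5 and 8, where the VPN policy (not the client checkbox alone) decides whether local LAN and internet traffic leave through the tunnel. The routing tables, the interface names en1 and vpn0, the 192.168.1.0/24 LAN and the gateway 203.0.113.10 are constructed assumptions; 4.2.2.1 is the DNS server quoted in post 11.

```python
import ipaddress

# Constructed host routing tables as (destination prefix, interface) pairs.
# "vpn0" is a hypothetical name for the tunnel interface, "en1" for AirPort.
NO_VPN = [("0.0.0.0/0", "en1"), ("192.168.1.0/24", "en1")]
FULL_TUNNEL = [                      # policy forbids local LAN access
    ("0.0.0.0/0", "vpn0"),
    ("192.168.1.0/24", "vpn0"),      # even the home LAN is sent into the tunnel
    ("203.0.113.10/32", "en1"),      # only the VPN gateway stays on the physical link
]
LOCAL_LAN_ALLOWED = [                # policy honours "Allow Local LAN Access"
    ("0.0.0.0/0", "vpn0"),
    ("192.168.1.0/24", "en1"),
    ("203.0.113.10/32", "en1"),
]
SPLIT_TUNNEL = [                     # only the corporate prefix is tunnelled
    ("0.0.0.0/0", "en1"),
    ("192.168.1.0/24", "en1"),
    ("10.0.0.0/8", "vpn0"),
]

def lookup(table, dest):
    """Longest-prefix match: the interface the OS would choose for dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def classify(table, lan_host, public_host, tunnel_iface="vpn0"):
    """Describe the effective VPN policy from where two probe addresses route."""
    if all(iface != tunnel_iface for _, iface in table):
        return "no-vpn"
    lan_tunnelled = lookup(table, lan_host) == tunnel_iface
    public_tunnelled = lookup(table, public_host) == tunnel_iface
    if public_tunnelled and lan_tunnelled:
        return "full-tunnel, LAN blocked"
    if public_tunnelled:
        return "full-tunnel, local LAN allowed"
    return "split-tunnel"

if __name__ == "__main__":
    for name, table in [("no VPN", NO_VPN), ("full tunnel", FULL_TUNNEL),
                        ("local LAN allowed", LOCAL_LAN_ALLOWED),
                        ("split tunnel", SPLIT_TUNNEL)]:
        # 192.168.1.20 stands in for another machine on the home LAN.
        print(f"{name:18} -> {classify(table, '192.168.1.20', '4.2.2.1')}")
```

Comparing the host's real routing table before and after connecting, in the same way, shows which of these cases the VPN endpoint's policy actually enforces.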
