NATD and VPN via Parallels Host-Guest Adapter

Discussion in 'Parallels Desktop for Mac' started by jmwapple, Sep 8, 2006.

  1. jmwapple

    I decided I wanted to use network address translation for my guest OS even when I was using a VPN connection on the OSX side. The Internet Sharing panel will not support the ppp0 (VPN) interface. My university network requires wireless connection via VPN so this required a more flexible solution. I would love for later versions of Parallels to provide this capability to users without requiring them to jump through the shell scripting hoops.

    I configure Parallels to use Network Adapter: Host-only networking.
    I hard code the Windows XP Internet Protocol Properties to:

    ‘Use the following IP address’
    IP address: 192.168.2.2
    Subnet mask: 255.255.255.0
    Default Gateway: 192.168.2.1

    and I set the DNS servers to use my university's DNS servers.

    I configure the OSX Parallels Host-Guest Adapter to:

    Manually
    IP Address: 192.168.2.1
    Subnet Mask: 255.255.255.0
    Router: Leave Blank

    You should be able to ping 192.168.2.1 from a command prompt with Windows XP.

    I created a couple of csh scripts (see attached files) to activate and deactivate the IP forwarding, natd and firewall settings. If you wish to use the files, save the attachments to your home directory, rename the files to remove the .txt extensions and make them executable.
    You can use a terminal shell to do this.

    mv naton.txt naton
    mv natoff.txt natoff
    chmod 700 naton natoff

    Activate your VPN connection using the OSX network settings and the Internet Connect application. Activate the natd via the VPN connection with the following command.

    sudo ./naton ppp0

    You should now be able to use the Internet within Windows XP via your active OSX VPN connection. You can deactivate the natd feature with the following command:

    sudo ./natoff

    You can also use the 'sudo ./naton en0' command to share your wired ethernet connection using natd. You can also use the 'sudo ./naton en1' command to share your wireless connection without VPN. I prefer to do this instead of using the Internet Sharing preferences pane since I don't need to activate a DHCP or named process and risk serving DHCP addresses out of the wrong interface. This would aggravate network admins.

    The naton command contains the following text:

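    #!/bin/csh
    # Usage: sudo ./naton <en0|en1|ppp0>
    # "$1" is quoted so a missing argument reaches the error branch
    if ("$1" != 'en0' && "$1" != 'en1' && "$1" != 'ppp0') then
        echo "$1 is not en0 en1 or ppp0"
    else
        echo "Activating internet sharing via $1"
        # Let the host forward packets between interfaces
        /usr/sbin/sysctl -w net.inet.ip.forwarding=1
        # Start natd on the outbound interface (-u: translate only private addresses)
        /usr/sbin/natd -u -n $1
        # Rule 97: hand all IP traffic crossing $1 to natd
        /sbin/ipfw add 97 divert natd ip from any to any via $1
    endif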

    The natoff command contains the following text:

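    #!/bin/csh
    # Remove the divert rule added by naton
    /sbin/ipfw delete 97
    # Stop natd using the pid file it wrote at startup
    kill `cat /var/run/natd.pid`
    # Turn IP forwarding back off
    /usr/sbin/sysctl -w net.inet.ip.forwarding=0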
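
Added example, not part of the original post or its attachments: a POSIX sh check that the three things naton and natoff change (ipfw rule 97, net.inet.ip.forwarding, the natd pid file) are all on or all off, so a host left forwarding after the VPN drops is easy to spot. The function names, the sample text and the `ipfw list` line layout are assumptions of this example; 8668 is natd's default divert port.

```shell
#!/bin/sh
# Added example: audit the state that naton/natoff leave behind.
# Rule number 97 and the sysctl name come from the post; the layout of
# the `ipfw list` lines in the samples below is assumed.

# Print the interface named on rule 97's divert line, or nothing.
# $1 = text of `ipfw list`
divert_iface() {
    printf '%s\n' "$1" | awk '$1 + 0 == 97 && $2 == "divert" {
        for (i = 3; i < NF; i++) if ($i == "via") { print $(i + 1); exit }
    }'
}

# Classify the host state.
# $1 = text of `ipfw list`, $2 = forwarding value (0 or 1),
# $3 = natd pid read from /var/run/natd.pid, empty if the file is absent
nat_state() {
    iface=$(divert_iface "$1")
    if [ -n "$iface" ] && [ "$2" = 1 ] && [ -n "$3" ]; then
        echo "on:$iface"
    elif [ -z "$iface" ] && [ "$2" = 0 ] && [ -z "$3" ]; then
        echo "off"
    else
        # Mixed state, e.g. forwarding still enabled with no divert rule
        echo "partial"
    fi
}

# Constructed sample input (not captured from a real host)
SAMPLE_ON='00097 divert 8668 ip from any to any via ppp0
65535 allow ip from any to any'
SAMPLE_OFF='65535 allow ip from any to any'

# Live check on the Mac itself (run with sudo): ./natcheck --live
if [ "${1:-}" = "--live" ]; then
    nat_state "$(/sbin/ipfw list)" \
              "$(/usr/sbin/sysctl -n net.inet.ip.forwarding)" \
              "$(cat /var/run/natd.pid 2>/dev/null)"
fi
```

A result of "partial" after running natoff means one of its three steps did not take effect and the host may still be forwarding packets.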