How to use the VPN of a Windows virtual machine on the Ubuntu host via VirtualBox

Let's assume that you cannot make a VPN connection work on your Ubuntu host OS, but you can do it in a Windows guest VM. However you'd like to keep working on your host OS. If you've an SSH server on the other side of the VPN tunnel, then you're lucky, because setting up two port-forwardings is all you need.

  1. First configure your VM: in the network settings go to the "Advanced" section of the adapter and click "Port Forwarding". Create a new rule, where protocol is TCP, Host IP is 127.0.0.1, Host Port is eg. 2222, Guest IP is empty (!), Guest Port is eg. 2222. The Guest IP must remain empty. If you put 127.0.0.1 in there too, the packets from your host won't reach the guest (at least for me they didn't with VirtualBox v5.1.22 and Linux Mint 18).
  2. Inside your Windows VM start a command prompt (run as administrator) and execute something like this: netsh interface portproxy add v4tov4 listenport=2222 connectaddress=192.168.0.23 connectport=22 (this worked for me in Windows 7). Replace connectaddress and connectport with the values that you want to connect to on the other side of the VPN tunnel. Note that if you specify a hostname for connectaddress, then Windows must be able to resolve it's address at the time, when the netsh command is executed. Thus if your remote SSH server has a dynamic IP address, you've to be a little bit creative to fully automate this process (you'll have to write a script that is executed upon a successful VPN connection to set up the port forwarding netsh rule).
  3. Inside your Windows VM create a new inbound firewall rule for the "%SystemRoot%\System32\svchost.exe" application to let connections coming to port 2222 in.
  4. If you did everything correctly, you can now use "ssh -p 2222 localhost" on your host to access the SSH server on the other side of the VPN tunnel.
To debug issues with this, I suggest first disable your firewall in the Windows VM, then start up Wireshark and check whether the expected packets appear on your VM's network interface.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Nekem úgy működött, hogy: -

Nekem úgy működött, hogy:
- Windows rácsatlakozik a VPN-re.
- Windows internetmegosztás beállít.
- Linux használja gateway-ként a windowsos guest-et. (egy db route add parancs a vpn túloldalán levő címekre)
- utána aztán lehet ssh-zni a vpn túloldalán levő gépekre

Szuper, köszönöm! Ennek az

Szuper, köszönöm!
Ennek az előnye, hogy nem csak az adott, egy darab IP+port kombót éred el vele, hanem a VPN-en keresztül szinte bármit.
Viszont az a hátránya (ha jól értettem), hogy minden alkalommal a hoszton gateway-t (routing) kell állítani.
Illetve: hacsak nem állítod a routingot subnetenként (azaz csak azon alhálózatokra állítod be a Windowst gateway-ként, amit a VPN-en keresztül akarsz elérni), minden forgalmad a VPN-en keresztül fog menni.