VMware Communities
akadmon
Contributor

How to get Cisco VPN working in a VM

So yesterday I installed Cisco VPN software inside my W2K Pro VM and was oh so thrilled to see that I was able to connect to my company's network (so it seemed), until I fired up IE and realized I was not connecting to the internet. Also, the access to Shared Folders on the Mac side became broken at the same time. It seems that the VPN somehow breaks network sharing between the VM and OSX. As soon as I close the VPN connection, I'm able to connect to the internet and the shared folders. Anyone know how to fix this?


Accepted Solutions
fuzzy-wan
Enthusiast

I can connect to my company's VPN without losing local network functionality. But that doesn't necessarily mean that the Cisco client will work the same way for everyone -- my mother's laptop loses internet access when she's connected to her VPN, and that's on an actual Windows PC.

For what it's worth, I'm running Fusion in Bridged mode (but I was using the client under NAT before that). The Transport tab in the client is set to use transparent tunneling with IPsec over UDP, and "Allow Local LAN Access" is actually turned off. I don't know how much those settings depend on the router, though.

6 Replies
Bob_Zimmerman
Expert

Were you able to connect to resources inside your company's network? Have you done this before on a physical Windows machine? Is the behavior different?

admin
Immortal

Are you able to ping servers on your intranet (e.g. is it just DNS that's not working)? If you're using network shares to the Mac side (as opposed to Fusion shared folders), I wouldn't be completely surprised if they didn't work while the VPN is active - I believe many VPNs disable local network access for security, and since the network share is local...

akadmon
Contributor

fuzzy-wan -- I was able to get things working after switching to bridged mode. Unfortunately, it turns out the VPN connection doesn't do me any good, since my computer (read the VM) is not joined to the company domain, which it seems is the only way to access mail in Outlook and networked drives in the File Explorer. I can access all this using web-based VPN, but that is painfully slow and unwieldy. Oh well -- corporate paranoia wins again.

Technogeezer
Immortal

You're right on the money with this. My company uses Cisco VPN software, and it is configured to have restrictions on local network access. However, the OP should check to see if his IT department has any workarounds. Cisco VPN software can allow local network access if the VPN software and/or network is configured appropriately.

- Paul (Technogeezer)
Editor of the Unofficial Fusion Companion Guides
dp_fusion
Enthusiast

The Cisco VPNClient has an option to disable access to the local net so you might want to check that. I'm using the VPNClient in OS X with Windows/Linux running with NAT networking. This way everything, host and guests, sees the company net. Running the VPNClient in the guests complicates things in terms of access. It does require manually configuring DNS name servers for each guest OS so the guests can find corporate net resources, but that's a one-time setup.

Edit: I should add that the server side has to permit local net access in addition to having the local access checked. The server can override your wishes and still disallow it.
