Hi ,

Have a look at this Knowledge Base article: . You may need to tell Fusion to use the VPN adapter rather than using another or Autodetecting.

Stephen Gardner

Desktop Technical Support Specialist

VMware Inc.

Hi,

I never got this to work with VMWare 2, now I upgraded to VMWare 3.1 in hopes that I could use the above knowledgebase article - no luck.

Under OS X, I have three VPN network adapters defined, they show up in my networking panel, as per screenshot. They are OS X native VPN connections for a Cisco router.

In VMWare 3, they are not available as networking choices in the popdown menu, as per the second screenshot.

I noticed another thing: When OS X connects via iPhone internet tethering, and I run the VPN over the iPhone, the VMWare Windows will just go over the VPN using NAT mode. This is what I want. But for some reason it doesn't work when I am connected via WiFi.

From the KB article

Note: You cannot specify the network adapter to use if you're using NAT mode. Fusion will use your primary network adapater (the first one in the list in the Network pane of System Preferences).

Best

I know, but the VPN connections do not show up in Bridged mode either, see the screen shot I posted above.

So to summarize:

- It doesn't work in NAT mode over WiFi

- It doesn't work in bridged mode because the VPN connections do not show up as choices in the popup. See screen shot above.

- It does work in NAT mode when connected via iPhone tethering or my USB 3G modem.

So for now, what I do is when I need Windows to be on the VPN, I turn off Airport, then connect my iPhone, enable VPN, then use VMWare Fusion in NAT mode. It's rather inconvenient.

System Preferences is Mac OS X, not VMware

I was talking about the other screenshot, this one:

This shows Bridged mode, and also shows no VPNs. That's the problem. I only included the OS X screenshot to prove that I, in fact, have several VPN configs, which should show up as choices in the bridged mode popup.

That is not System Preferences, but is Settings in VMware

@ChipMcK

May I kindly ask you that if you have no information about the matter at hand, you stop posting under this topic? This is just wasting both your and my time, as well as everyone's who is reading this topic and actually interested in running the Windows guest over the host VPN.

Thank you.

You won't see the VPN's listed as networks because they aren't adapters.

I use the built-in VPN to a cisco router, set the VM to autodetect adapter, and NAT, and the appropriate traffic is routed properly automatically. Make sure you do NOT use locations in OSX. The VM should be configured to use DHCP for both DNS and IP configuration. You probably will have to either reboot the VM after connecting the VPN, or open a command prompt and do ipconfig /release then ipconfig /renew.

^^ Thanks for that - so that means that it's supposed to work over WiFi just with the NAT setting.

That makes sense since it works for me just as it should when connected over iPhone tethering. So that means something about VMWare or my WiFi settings (which are all set to automatic, BTW) doesn't work together, e.g. it's a bug, and specific to my configuration.

I will try to uninstall and reinstall Fusion, and delete all settings - let's see if it helps. It's good to know that this is supposed to work at least.

Yep it definitely does with NAT (with 3.11 - NOT with version 2) using the 10.6 built-in VPN. celluar company software screws up networking by creating additonal locations - so that may be your issue. If you have it installed, uninstall it (with their uninstaller, not just drag to trash) and see if that fixes it. I never install provider software.

Why does it not work with the OS X locations feature? I use this from time to time - is VMWare Fusion incompatible with locations?

Just wondering before I remove my locations. I also have a CDMA modem + have had issues with that and Fusion in the past - not because of locations, just because the modem network driver somehow conflicted with the VMWare Fusion networking drivers. I used to have to turn off Fusion per command line before the CDMA modem would work. That was fixed sometime in version 2 but maybe there's still issues.

Locations are an old feature that really isn't needed any longer. It's not a Fusion issue - I've seen problems with a lot of different applications. You shouldn't need to install any software to get most modern modems to work on 10.6. If you upgraded from 10.5 with those installed they may very well be causing the problem. Wireless carrier software is notorious for installing out of date and unneeded drivers on OSX (and massively screwing things up).

I've managed to get it to work with Cisco VPN. I never thought to try as I had this idea that Max OS X native VPN would be more tested, and better. But apparently that's not the case.

So here is what I do:

- I connect to our company VPN using the Cisco VPN client (VPNClient.app). VMWare in NAT mode runs over the VPN as it should - no issues at all

- I connect to the same company VPN using Mac OS X native VPN network adapter. This works fine for everything I do in OS X, I have full VPN access as far as I can tell. But VMWare *doesn't* run over the VPN on WiFi, the Windows client can't access any VPN-only sites.

This is a good-enough workaround for me. I guess VMWare Fusion has some issues with OS X native VPN / WiFi, or something about my native VPN settings is wrong, though if that were the case I don't think it would work over native VPN when I use iPhone tethering. I wish there was a way to debug this and get to the bottom of it.

The CiscoVPN client conflicts with the built-in VPN and causes all sorts of havoc on the OSX side.  Even having it installed screws things up, and it's absolutely not recommended to have it installed on 10.6 (at least by my network experts).

So if you want the built-in one to work (and it does for me and thousands of others at my company just fine), do this:

1) Uninstall the CiscoVPN (Anyconnect is OK - just not the actual VPN client app).

2) Uninstall any 3G Modem software (it screws up network stacks in many cases)

3) Remove any 'locations' you've created in the network preferences (hardly ever necessary any longer)

4) Configure the VPN while the Airport is active

5) Configure the VM to use NAT

Then when you're ready to run it, do:

1) Connect OSX VPN

2) Boot (not just resume) virtual machine

And it should work fine.  You can also force the VM to rediscover the VPN by doing ipconfig /release and ipconfig /renew in a command prompt inside it - that forces the DNS pass-thru to reactivate.

My VPN works over both LAN and Airport connections without issue.

I wish there was a "Yes, I think the question has been answered, but I am going to test this for a while before I really trust it"

Anyway - @dlhotka - That seems to have worked!

I removed various 3G drivers I had installed (Novatel Wireless)

Removed some VirtualBox network drivers I found lying around as well, to be safe

Saved all PCFs I have as uninstalling Cisco VPN will delete them too.

I uninstalled Cisco VPN (I know it's a POS)

I removed locations - only used sporadically these days anyway

Restarted the system to get rid of the kexts for good

Deleted and re-created the OS X VPN connection

Rebooted the VM Windows client

=> It works! I am able to access VPN only sites from Windows, over WiFi, using NAT mode!

Since it's worked sporadically before I am holding off on the "solved" but I am optimistic here. This is great!

On a general note, it seems to me as if the OS X networking stack is simply very unstable. That is, different program that install different networking extensions just don't get along. Cisco VPN installs stuff; VirtualBox installs stuff; Parallels installs stuff; VMware Fusion installs stuff - conflicts arise.

I blame it on the OS X networking architecture more than anything else.

🙂 Glad to hear it worked, and I can't blame you for holding off for a bit.

I find that issues with OSX are often tied to two things in the list:  1) The use of locations, which is an old, out-of-date capability that really isn't necessary (unless you're trying to have fixed IP's on different networks), and 2) very very very very bad 3G software from cell modem vendors (which also screws up windows).  OSX is worse because it also conflicts with the built-in code for most modems.

But yep, I think the stack could use some fiddling.  I had an issue under 10.5 and Fusion 1 where the particular order the kext's were loaded would impact what the behavior was - kept having to start and stop Fusion's to get stuff working.

Well - sigh. Once again, it's not working.

I now don't have any 3G drivers installed; I don't have any locations; etc. It worked the first time I tried. Now, it's once again not working.

I restarted the Windows client - didn't help. Then I restarted VMWare from the command line (stop / start VMWare). Didn't help. I did verify that I was able to reach the website on WiFi / VPN in Safari just to rule out any issues with my connection or the VPN itself.

Because I really had to get on my company VPN with Windows, I then turned off airport and used my iPhone tethering connection, connected that to VPN and, once again, no problem. VMware got on the VPN just fine o the first try, without restarting anything.

This is very annoying, it seems to keep coming back. It's broken. Is there a way to fix this? Is there anything I can do to further debug this - is there a debug mode in VMWare or some logs that show what's going on? Since I have now removed all other 3rd party networking software, I am convinced the problem is with VMWare networking drivers.