OpenVPN in a guest machine

Posted on 2009-05-15
Last Modified: 2013-12-23
Hi all,

On my host I have OpenVPN running and can connect to my work's office no problem.  I setup a guest Server 2008 machine in Virtual Box and have tried to connect using the TAP interface bridged, and have tried my physical interface connecting through OpenVPN in the guest.  Seems to connect with the latter, but am unable to access work resources.

Can someone assist me with getting my guest OS to conenct?
Question by:isz-expert
  • 6
  • 4

Expert Comment

ID: 24398224
Can you provide your routing table. This at first sounds like your missing a route somewhere and the other machines are not finding your host.Are you behind any NAT also?

Author Comment

ID: 24398329
I was natting at first from a Vyatta Router, but I plugged my laptop into my DDWRT Lynksis router, no nat.

 - XP
 - LAN 1
  - IP 192.168.1.XXX
  - Gateway .1.1
 - LAN 2 (TAP)
  - IP 10.0.XXX.YYY
  - Gateway
 - LAN 3 (VirtualBox)
  - Gateway


Author Comment

ID: 24398736
Host Table

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\tworden.GT-CVILLE>netstat -rn
Route Table
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 19 d2 d0 52 39 ...... Intel(R) PRO/Wireless 3945ABG Network Connection
 - Packet Scheduler Miniport
0x5 ...00 16 41 e6 db be ...... Intel(R) PRO/1000 PL Network Connection - Packet
 Scheduler Miniport
0x6 ...00 ff ef a2 89 d4 ...... TAP-Win32 Adapter V8 - Packet Scheduler Miniport
0x7 ...08 00 27 00 14 33 ...... VirtualBox Host-Only Ethernet Adapter - Packet S
cheduler Miniport
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
       20       1       1       30       30       30       1       30       20       20       20       20       20       20       20       20       20       20       20       20       30       20       20       20       20       1       1       1               4       1       1       1
Default Gateway:
Persistent Routes:
C:\Documents and Settings\tworden.GT-CVILLE>

Open in new window

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.


Author Comment

ID: 24398748
That is with OpenVpn connected on the host.

Expert Comment

ID: 24400044
From your 2008 box can you do a traceroute to one of your work systems and also would be helpful to see a trace coming from work back. It seems like work doesn't know to route properly.

What is using as it's default gateway?
Can you only access work from the one system running OpenVPN or from other systems on your LAN also?

The reason I ask is that if work is not routing any of the 192.x.x.x addresses to your 10.x.x.x address you get from OpenVPN then the server will not be able to talk to work via the Host system.

Do you get a static address on your OpenVPN connection to work?

Author Comment

ID: 24400386
Scenario 1:
With my virtualbox 2008 guest machine set to bridged networking to the TAP interface, I start up the virtual machine and see my ipconfig  This shows that I am not connected to the internet.  I would think that the guest would bridge to the VPN connection on my XP host.

Scenario 2:
With my virtualbox 2008 guest machine set to bridged networking to the Inte Pro/1000 interface on my laptop, I start up the virtual machine and see my ipconfig connects to the internet and has an IP of  I installed OpenVPN in the guest thinking that in bridged mode, I should appear like any other machine on this subnet.  When I connect OpenVPN, it says connected (green icon) gives me an IP of, but I can't access any work services, like sql server, etc.  I have also attempted to change the binding order as described here:;en-us;311218

Running tracert results in eventual timeouts.

Scenario 3
This is where I set VirtualBox's network adapter to NAT mode.  Here I get an IP of and a Gateway of  When I connect OpenVPN in the guest, again I connect with the IP, but can't access any work resources.

These last two scenarios I make sure that the host OpenVPN connection is off.

And, just to be clear, I am able to connect and access resources with my host's vpn connection, I just want to be able to get my virtual machine to as well.


Accepted Solution

cwalter9 earned 500 total points
ID: 24402346
If you only get 1 IP address from work and it seems to be a static address then you won't be able to have both tunnels up at the same time but you seem to be not doing that.

You will need to setup NAT on your host to NAT your 2008 server on Virtual Box.

When in scenario 2 make sure your host doesn't have a firewall that is blocking your guest 2008 machines traffic to work.

Author Comment

ID: 24402797
Nice... that did the trick!

I went to the host virtual interface for OpenVpn, which is called "Tap-Win32 Adapter V8" aka "Local Area Connection 2", right-click > Properties.  Select the Advanced tab, check Allow other network user to connect though this computer's internet connection (Internet Connection Sharing area).  Then in the drop down box, I selected the VirtualBox Host-Only Network.

With this configuration I started OpenVPN on the host, started my virtual machine and was able to access work resources.

Seems like ICS is pretty much the same thing as NAT?  If there is a way to configure NAT specifically in XP, or if you know of a tutorial that would be good to go from, please send my way.

Thanks for the help!!


Expert Comment

ID: 24403245
Nope in XP iCS does the job of NATing the IP addresses so the resources behind that machine or inside that machines VM can talk to outside resources but look like the host.

Author Comment

ID: 24403718
I see... sounds like a masquerade, which I've configured on my Vyatta router, but systems approach things differently.  There appeared to be another 'Advanced' button that provided a pop-up of selectable services, ie DHCP, HTTPS, etc. I imagine I could open up such services from the guest.  But It's a dev machine so it shouldn't be sharing anything.


Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VMware Vsphere Database Redundancy 1 44
windows explorer default details view 10 57
CISCO Router 1 29
Error upgrading from esxi 5.5 to 6.5 15 82
HOW TO: Upload an ISO image to a VMware datastore for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere Host Client, and checking its MD5 checksum signature is correct.  It's a good idea to compare checksums, because many installat…
In this article, I will show you HOW TO: Create your first Windows Virtual Machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, the Windows OS we will install is Windows Server 2016.
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
This Micro Tutorial walks you through using a remote console to access a server and install ESXi 5.1. This example is showing remote access and installation using a Dell server. The hypervisor is the very first component of your virtual infrastructu…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question