VirtualBox

Ticket #2993 (closed defect: invalid)

Opened 8 years ago

Last modified 9 months ago

VPN Guest support PPTP etc

Reported by: hanasaki Owned by:
Priority: major Component: network
Version: VirtualBox 2.1.0 Keywords: vpn pptp gre
Cc: Guest type: Linux
Host type: Windows

Description (last modified by frank) (diff)

Please support PPTP and other vpn's in the client. looking for options like

  1. host is not on vpn - guest (windows/linux) can open its own vpn to a server while on a NAT or Host interface networking (gets its own IP)
  2. host is on vpn - guest automatically uses the vpn the host is on -- this works in vmware

A big business driver for this is the case where I have developers that are remote and need to access the internal network from a "canned" "turnkey" development environment provide by an virtual machine image (windows and linux are in use - ie: would be the guest) generally on a windows host however linux hosts are possible.

I'm not really sure if this should be a defect or enhancement. In either case it is desirable and also shows up in:

Note the manual - section 6 - says that the GRE will not work on a NAT interface... It also does not work on host interface networking (which would be a work around for now...) NAT is needed because there are times the remote folks are using a wireless PHONE card which will only provide a single IP via dhcp.

Change History

comment:1 Changed 8 years ago by frank

  • Description modified (diff)

comment:2 Changed 8 years ago by hanasaki

Is this addressed and enabled in vbox 2.2 ? on which host OS's?

comment:3 Changed 7 years ago by frank

  • Status changed from new to closed
  • Resolution set to fixed

No response, closing.

comment:4 Changed 5 years ago by vic

  • Status changed from closed to reopened
  • Resolution fixed deleted

This issue is still present in version 4.1.8 Windows x64.

comment:5 follow-up: ↓ 6 Changed 5 years ago by klaus

  • Status changed from reopened to closed
  • Resolution set to invalid

Reopening tickets without providing ANY information is very rude. Please provide details (VBox.log, what VPN client you use etc.). So far there's no evidence that anything isn't working as designed.

comment:6 in reply to: ↑ 5 Changed 5 years ago by taker

Replying to klaus:

Reopening tickets without providing ANY information is very rude. Please provide details (VBox.log, what VPN client you use etc.). So far there's no evidence that anything isn't working as designed.

Klaus, the issue is definitely present in 4.1.8, even if people don't want to provide logs of their PCs. Vbox.log reveals too much information for those who want to stay anonymous - and therefore use vpn. The issue is present with GRE and VPN PPTP client in x64. The same ubuntu amd64 system works perfectly fine without Vbox and being installed inside vbox fails to connect to the same vpn server with all the same settings and PPTP protocol. You can easily remodel the situation and use your own Vbox.log, of course if you want to. I don't think that trying to improve your product without providing all sensitive information about one's PC is very rude, but that's my personal opinion.

comment:7 Changed 9 months ago by ak2766

Being that PPTP is broken, why not use L2TP - it works quite well in the following set up:

Windows Server 2012 L2TP/IPSec w/ PSK VPN server (PSK is a bad idea, but ease of use makes a lazy systems administrator (me) take that route; use certificates where possible; don't follow my lead)

Linux host (Ubuntu 15.10) Windows guest (Windows 7 Pro 64-bit)

The key this is that Windows by default expects there to not be NAT-T; as such, you need to modify the registry:  http://serverfault.com/questions/489325/l2tp-server-allows-connections-through-firewall-for-iphone-ipad-but-not-windows

Remember to reboot (or restart "Network Connections" service) after registry edit before you can successfully connect to VPN.

Hope this helps someone - it stamped me for a long long time until I stumbled upon the ServerFault link after realizing that Android and iOS devices could connect but not Windows.

Cheers, ak.

As for the state of PPTP, have a read here:  https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

And more recently (Nov 2015):  https://forum.pfsense.org/index.php?topic=102976.0

Last edited 9 months ago by ak2766 (previous) (diff)
Note: See TracTickets for help on using tickets.

www.oracle.com
ContactPrivacy policyTerms of Use