On Wednesday 14 February 2007, Tim Day wrote: > The question of how to establish a connection into a NAT-mode vbox (and > the answer "you can't") seems to have come up a few times here. > > I'd suggest that those who long to ssh, ping, http and VNC their way > into their NAT-mode VBoxes, but who like me are scared off by the > apparent complexity of the bridging setup described in the VBox docs, > take a look at OpenVPN instead. > > The below (adapted from howto at http://openvpn.net/static.html ) works > nicely for a Debian Etch host at 192.168.7.3 running a Debian Etch guest > in a NAT-mode VBox: > > As root on host: > apt-get install openvpn > echo 1 > /proc/sys/net/ipv4/ip_forward > cd /etc/openvpn > openvpn --genkey --secret vboxvpn.key > cat<<EOF > debianvm.conf > dev tun > ifconfig 10.8.0.1 10.8.0.2 > secret vboxvpn.key > keepalive 10 60 > EOF > openvpn debianvm.conf > > As root on guest: > apt-get install ssh openvpn > cd /etc/openvpn > scp [EMAIL PROTECTED]:/etc/openvpn/vboxvpn.key . > cat<<EOF > debianvm.conf > remote 192.168.7.3 > dev tun > ifconfig 10.8.0.2 10.8.0.1 > secret vboxvpn.key > keepalive 10 60 > EOF > openvpn debianvm.conf > > Both openvpns should spew some stuff ending with "Peer connection > initiated... initialization sequence completed". > > As user on host: > ping 10.8.0.2 > ...responds... > ssh -l root 10.8.0.2 > ...and you're in; enjoy... > > [There's nothing special about ssh; e.g a host-side xtightvncviewer > connecting in to a tightvncserver running on the guest works fine too]. > > Niceties like automatic startup of openvpn, local routing to the VPN > subnet, updating /etc/hosts entries, dealing with multiple VBoxes etc > are left as an exercise. > > OpenVPN should cope well with guests actually being moved around host > machines: so long as the above guest has routing to the OpenVPN server > at 192.168.7.3 it should always be possible to connect into the guest > via 10.8.0.2 regardless of the host's IP or the address assigned the to > the guest's eth0 by the NAT VBox DHCP.
Looks interesting. Will it interface with Microsoft's VPN in Windows? _______________________________________________ vbox-users mailing list [email protected] http://vbox.innotek.de/mailman/listinfo/vbox-users
