FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 11-14-2009, 03:20 PM
Cassiano Leal
 
Default Hooking Debian to a Windows VM VPN connection

Hi list,

I would like to know if it is possible to achieve what I am trying to.

Here's the situation.. In my work I have a few tools that only work on
Windows. Apart from that, to hook to the company's VPN I need some
proprietary tools that again only run on Windows. To work around these
issues I have installed Win XP on a VM using VirtualBox. This way I
can use most stuff on Debian and the few tools that are Win-only I run
inside the VM.

The problem is that I need to work from home sometimes and, again, the
VPN only works on Windows. I can use the VPN on the VM all right, but
wanted to be able to hook my Debian network to the VPN that's running
on Windows.

The VM's network is set to bridge mode, which means that it connects
directly to the router and has its own LAN IP. It is using the same
interface as Debian (the wifi card in this case), but they have
different IP addresses and can talk to each other. I even set up an
SSH server on the VM and could connect to it from Debian.

The problem seems to be that when I connect Windows to the VPN it
grabs a VPN IP address and changes the routing table. From that point
on I cannot talk to the Windows machine from Debian anymore.

Does anybody have any idea how could I achieve VPN connectivity on
Debian in this scenario?

I appreciate any comments.

Thanks,
Cassiano Leal


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-14-2009, 07:14 PM
Joe
 
Default Hooking Debian to a Windows VM VPN connection

Cassiano Leal wrote:

Hi list,

I would like to know if it is possible to achieve what I am trying to.

Here's the situation.. In my work I have a few tools that only work on
Windows. Apart from that, to hook to the company's VPN I need some
proprietary tools that again only run on Windows. To work around these
issues I have installed Win XP on a VM using VirtualBox. This way I
can use most stuff on Debian and the few tools that are Win-only I run
inside the VM.

The problem is that I need to work from home sometimes and, again, the
VPN only works on Windows. I can use the VPN on the VM all right, but
wanted to be able to hook my Debian network to the VPN that's running
on Windows.

The VM's network is set to bridge mode, which means that it connects
directly to the router and has its own LAN IP. It is using the same
interface as Debian (the wifi card in this case), but they have
different IP addresses and can talk to each other. I even set up an
SSH server on the VM and could connect to it from Debian.

The problem seems to be that when I connect Windows to the VPN it
grabs a VPN IP address and changes the routing table. From that point
on I cannot talk to the Windows machine from Debian anymore.

Does anybody have any idea how could I achieve VPN connectivity on
Debian in this scenario?

You just say 'VPN', which is becoming a generic term for any kind of
remote access protocol. Do you actually mean a VPN such as OpenVPN,
PPTP, L2TP or IPSec, or do you mean a remote desktop system such as
provided by X, Windows RDP or Citrix? The default Windows true VPN,
obtained without any third-party software or certificate configuration,
is PPTP.


One important use of a true VPN is to connect to a secure Internet proxy
from a physical location in an insecure network, such as a public Wi-Fi
facility. In this case, it is necessary for all traffic from the client
to pass through the proxy once the VPN is open, and to facilitate this,
Windows clients have a tickbox in the VPN configuration called 'Use
default gateway on remote server' or something similar. This is selected
by default.


If what you are using really is a Windows VPN, then look for this
tickbox in the configuration dialog box and untick it. The Windows
client will then only route traffic intended for the remote LAN through
the VPN. Make sure, as always with routed networks, that physical
network addresses at both ends of the VPN are different. By default, the
VPN itself bridges from the client VPN endpoint to the remote VPN
server, but routes between the client's physical LAN and that VPN endpoint.


Some information which you may not have and which may extend your options:

-Windows XP Professional and Vista Business (or higher) workstations can
be remotely controlled using Remote Desktop Protocol. If your workplace
has an unused machine running one of these operating systems (or a
Terminal Server), either Linux or any version of Windows may be used as
a client to login remotely. This uses a single TCP port, unlike the
Windows VPNs which use an additional IP protocol, and can be tunnelled
over SSH where a remote server exists. It is also (recent versions)
considered secure enough to work directly across the Internet.


-Linux has a client which can connect to a Windows PPTP VPN server. This
can be used to operate web-based software on the remote LAN, to access
files, or to tunnel RDP if the company has a policy not to allow RDP
directly from the Net.


--
Joe


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-14-2009, 09:30 PM
Chris Davies
 
Default Hooking Debian to a Windows VM VPN connection

Cassiano Leal <cassianoleal@gmail.com> wrote:
> [...] to hook to the company's VPN I need some proprietary tools that
> again only run on Windows [...]

Do you know for a fact these VPN connection tools only work on
Windows? (And more importantly, would you prefer to run your VPN
connection from your Debian system is you could?)


> Does anybody have any idea how could I achieve VPN connectivity on
> Debian in this scenario?

You need to provide some details, like the type of VPN connection you're
using, for a start. CISCO IPSec works fine for me (including the use of
a security token). As does any flavour of OpenVPN.

Chris


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-14-2009, 10:40 PM
Cassiano Leal
 
Default Hooking Debian to a Windows VM VPN connection

Joe, thanks for your comments. See my own below:

2009/11/14 Joe <joe@jretrading.com>:
> Cassiano Leal wrote:
>>
>> Hi list,
>>
>> I would like to know if it is possible to achieve what I am trying to.
>>
> You just say 'VPN', which is becoming a generic term for any kind of remote
> access protocol. Do you actually mean a VPN such as OpenVPN, PPTP, L2TP or
> IPSec, or do you mean a remote desktop system such as provided by X, Windows
> RDP or Citrix? The default Windows true VPN, obtained without any
> third-party software or certificate configuration, is PPTP.

The VPN I am referring to is a CISCO VPN that's provided by a
vpnc-compatible "dialer" and that provides access to the corporate
network of the company I work for.

> If what you are using really is a Windows VPN, then look for this tickbox in
> the configuration dialog box and untick it. The Windows client will then
> only route traffic intended for the remote LAN through the VPN. Make sure,
> as always with routed networks, that physical network addresses at both ends
> of the VPN are different. By default, the VPN itself bridges from the client
> VPN endpoint to the remote VPN server, but routes between the client's
> physical LAN and that VPN endpoint.

By Windows VPN I mean the VPN connection that I have established on Windows.

Thanks


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-14-2009, 10:46 PM
Cassiano Leal
 
Default Hooking Debian to a Windows VM VPN connection

2009/11/14 Chris Davies <chris-usenet@roaima.co.uk>:
> Cassiano Leal <cassianoleal@gmail.com> wrote:
>> [...] to hook to the company's VPN I need some proprietary tools that
>> again only run on Windows [...]
>
> Do you know for a fact these VPN connection tools only work on
> Windows? (And more importantly, would you prefer to run your VPN
> connection from your Debian system is you could?)
>> Does anybody have any idea how could I achieve VPN connectivity on
>> Debian in this scenario?
>
> You need to provide some details, like the type of VPN connection you're
> using, for a start. CISCO IPSec works fine for me (including the use of
> a security token). As does any flavour of OpenVPN.
>
> Chris


The connector is actually a vpnc-compatible CISCO VPN Client. I can
actually establish a connection to the VPN gateway from Debian, but it
does not allow me to reach any hosts.

On Windows, after the VPN connection is established, a Cisco Clean
Access Agent does a few checks and then validates the connection.
There is no agent that runs on Linux and the only way to get access to
the network is after validating the Windows machine via this CCA
Agent.

There used to be an authentication page for when somebody connected
from a non-Windows OS, but that's gone too, so I am really stuck to
using the VPN from Windows. Stupid, I know...

Any other ideas?

Thanks for all comments so far!
Cassiano


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 06:23 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org