Bridging VirtualBox over OpenVPN TAP adapter on Windows

I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built.

My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize.

I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem.

Any idea why the host can use this interface, but the VM can't?


Solution 1:

Here's my solution:

Windows 7 Home Premium 64-bit host. VirtualBox Ubuntu 12.04 64-bit. Internet through VPN over OpenVPN.

In VirtualBox, set the adapter to Host-Only Network.

OpenVPN on Win 7 (host). Connection established with OpenVPN GUI on TAP-Win32 Adapter V9. (File sharing and all protocols but IPv4 deactivated.)

This adapter is then shared with VirtualBox Host-Only Network via the right-click - properties - internet connection sharing dialog.

In Ubuntu (client), manually configure the network adapter to be in the same subnet as the "VirtualBox Host-Only Network" on the host and set the host IP as gateway/DNS.

e.g.:

  • HOST VirtualBox Host-Only Network set to IP 192.168.137.1, Subnet: 255.255.255.0
  • CLIENT Network Adapter set to IP 192.168.137.2, Gateway: 192.168.137.1, DNS: 192.168.137.1, Subnet: 255.255.255.0

Thus the VB-Client Ubuntu will ALWAYS use the VPN, and if no VPN connection is established will not use anything else.

The host can choose between VPN and direct Internet by setting network adapter priority.
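
A way to check the guest side of the setup above, as an added example that is not part of the original answer: it reads the guest's IPv4 routing table and resolver entries and flags any default route or nameserver other than the host-only address 192.168.137.1. The function names `check_routes` and `check_dns` are hypothetical, and the sample tables (including the second default route via 10.0.2.2 on `eth1`) are constructed.

```shell
#!/bin/sh
# Added example: confirm the guest can only leave via the ICS-shared host-only gateway.

# check_routes <gateway>: reads `ip -4 route show` output on stdin.
# Returns 0 if every default route uses <gateway>, 1 on a leak path, 2 if none exists.
check_routes() {
    awk -v gw="$1" '
        $1 == "default" {
            n++; via = "(on-link)"; dev = "?"
            for (i = 2; i < NF; i++) {
                if ($i == "via") via = $(i + 1)
                if ($i == "dev") dev = $(i + 1)
            }
            if (via != gw) { print "LEAK: default route via " via " dev " dev; bad = 1 }
        }
        END {
            if (n == 0) { print "NO DEFAULT ROUTE"; exit 2 }
            if (bad) exit 1
            print "OK: every default route goes via " gw
        }'
}

# check_dns <resolver>: reads resolv.conf-style text on stdin.
# Returns 0 if all nameserver lines equal <resolver>, 1 on any other, 2 if none.
check_dns() {
    awk -v dns="$1" '
        $1 == "nameserver" { n++; if ($2 != dns) { print "LEAK: resolver " $2; bad = 1 } }
        END { if (n == 0) exit 2; if (bad) exit 1; print "OK: DNS only via " dns }'
}

# Constructed sample: the configuration described in the answer.
SAMPLE_GOOD='default via 192.168.137.1 dev eth0
192.168.137.0/24 dev eth0 proto kernel scope link src 192.168.137.2'

# Constructed sample: a second adapter left enabled adds another way out.
SAMPLE_LEAKY='default via 192.168.137.1 dev eth0 metric 100
default via 10.0.2.2 dev eth1 metric 101
10.0.2.0/24 dev eth1 proto kernel scope link src 10.0.2.15
192.168.137.0/24 dev eth0 proto kernel scope link src 192.168.137.2'

# Run against the live guest only when asked: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    ip -4 route show | check_routes 192.168.137.1
    check_dns 192.168.137.1 < /etc/resolv.conf
fi
```
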

Solution 2:

You're going to have to clarify your configuration if you want a good answer.

  • Are you trying to connect to the VPN using the Windows Host? (hint: this is more complicated)
  • Are you trying to connect to the VPN using the Linux VM? (hint: this is probably what you want)
  • Are you trying to connect both at the same time? (hint: this probably won't work)

Without knowing these answers, plus more about how the VM networking and VPN connectivity is configured, I can only make general suggestions.

If you're wanting to connect via OpenVPN from the Windows host, and then run things from your VM host, you're likely going to have to configure connection sharing on the Windows host to forward that traffic through the VPN. Depending on your network configuration, you will probably also have to make sure you have your VM configured to route its traffic towards the VPN.

The way you probably want to configure this, however, is to use the Windows host for general network connectivity only (not VPN), and configure OpenVPN on the Linux VM, letting the VM make the VPN connection. That should simplify your setup (as I understand it, based on your question), and give your Linux VM much more direct connectivity via the VPN.