我尝试使用我的Ubuntu笔记本电脑连接到内部客户端networking,但是客户端使用Nortel的Contivity VPN,因此它只能在Windows中工作。 我的想法是使用VirtualBox和Windows XP Guestbuild立VPN连接,然后使用Windows XP作为路由器,通过VPN从我的Ubuntu主机路由stream量。
我将VirtualBox中的第一个适配器configuration为NAT,以方便访问Internet。 我将第二个适配器configuration为“仅主机”,所以现在我可以在Ubuntu主机上看到新的vboxnet0接口,并在Windows Guest中看到第二个适配器,我使用静态IP进行configuration。
我已经validation了,我可以将Ubuntu到Windows和Windows连接到Ubuntu。
路由表如下所示:
C:\Documents and Settings\val>route print =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...08 00 27 55 ee 35 ...... AMD PCNET Family PCI Ethernet Adapter #2 - Packet Scheduler Miniport 0x3 ...08 00 27 5f 3e 93 ...... AMD PCNET Family PCI Ethernet Adapter - Packet Scheduler Miniport 0x4 ...44 45 53 54 42 00 ...... Nortel IPSECSHM Adapter - Packet Scheduler Miniport 0x5 ...00 00 00 00 00 01 ...... AGN Virtual Network Adapter - Packet Scheduler Miniport =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.0.2.2 10.0.2.15 20 10.0.2.0 255.255.255.0 10.0.2.15 10.0.2.15 20 10.0.2.15 255.255.255.255 127.0.0.1 127.0.0.1 20 10.255.255.255 255.255.255.255 10.0.2.15 10.0.2.15 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.56.0 255.255.255.0 192.168.56.2 192.168.56.2 20 192.168.56.2 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.56.255 255.255.255.255 192.168.56.2 192.168.56.2 20 224.0.0.0 240.0.0.0 10.0.2.15 10.0.2.15 20 224.0.0.0 240.0.0.0 192.168.56.2 192.168.56.2 20 255.255.255.255 255.255.255.255 10.0.2.15 10.0.2.15 1 255.255.255.255 255.255.255.255 192.168.56.2 5 1 255.255.255.255 255.255.255.255 192.168.56.2 4 1 255.255.255.255 255.255.255.255 192.168.56.2 192.168.56.2 1 Default Gateway: 10.0.2.2 =========================================================================== Persistent Routes: None
192.168.56.2是在Ubuntu主机端连接到192.168.56.1的第二个适配器。
现在,当我build立VPN连接时,Contivity将更改路由表,并且不能再ping主机,主机也不能ping通guest。 以下是运行VPN的路由表:
C:\Documents and Settings\val>route print =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...08 00 27 55 ee 35 ...... AMD PCNET Family PCI Ethernet Adapter #2 - Packet Scheduler Miniport 0x3 ...08 00 27 5f 3e 93 ...... AMD PCNET Family PCI Ethernet Adapter - Packet Scheduler Miniport 0x4 ...44 45 53 54 42 00 ...... Nortel IPSECSHM Adapter - Packet Scheduler Miniport 0x5 ...00 00 00 00 00 01 ...... AGN Virtual Network Adapter - Packet Scheduler Miniport =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.0.2.2 10.0.2.15 21 0.0.0.0 0.0.0.0 192.168.32.29 192.168.32.29 1 10.0.2.0 255.255.255.0 10.0.2.15 10.0.2.15 20 10.0.2.0 255.255.255.0 192.168.32.29 192.168.32.29 1 10.0.2.15 255.255.255.255 127.0.0.1 127.0.0.1 20 10.255.255.255 255.255.255.255 10.0.2.15 10.0.2.15 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.32.0 255.255.248.0 192.168.32.29 192.168.32.29 30 192.168.32.29 255.255.255.255 127.0.0.1 127.0.0.1 30 192.168.32.255 255.255.255.255 192.168.32.29 192.168.32.29 30 192.168.56.0 255.255.255.0 192.168.56.2 192.168.56.2 20 192.168.56.0 255.255.255.0 192.168.32.29 192.168.32.29 1 192.168.56.2 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.56.255 255.255.255.255 192.168.56.2 192.168.56.2 20 192.197.71.160 255.255.255.255 10.0.2.2 10.0.2.15 1 224.0.0.0 240.0.0.0 10.0.2.15 10.0.2.15 20 224.0.0.0 240.0.0.0 192.168.56.2 192.168.56.2 20 224.0.0.0 240.0.0.0 192.168.32.29 192.168.32.29 1 255.255.255.255 255.255.255.255 10.0.2.15 10.0.2.15 1 255.255.255.255 255.255.255.255 192.168.32.29 192.168.32.29 1 255.255.255.255 255.255.255.255 192.168.56.2 5 1 255.255.255.255 255.255.255.255 192.168.56.2 192.168.56.2 1 Default Gateway: 192.168.32.29 =========================================================================== Persistent Routes: None
通过查看路由表,我不明白为什么我失去了ping 192.168.56.1能力,所以我希望得到一些帮助,或想法如何进一步排除故障。
分割隧道可能已被禁用作为VPN策略的一部分 – 标准安全惯例。 您可以与您的VPNpipe理员查看是否可以为您的VPN会话分割隧道(您可能不想保持呼吸,因为狭缝隧道通常被认为是不安全的做法)。