I want to use a guest OS via VMware Player. In that OS I run a Cisco VPN client.
My resources are located in two different networks. I need access to them at the same time - but not necessarily in the same GUI.
One solution could be to create two accounts on my guest, and log in to one the "usual way", and the other via remote desktop.
The problem is that when I enable the VPN client, the network connection is system wide, which means that it also affects the remote desktop user.
I would like to get different network interfaces (LAN1, LAN2, LAN3, etc.) separately available for each user. Is that possible?
- Host: Debian stable x64
- Guest: Windows 7, or Windows Server 2008 R2
- VMware: VMware Player
答案1
Is your VM networked using NAT (so that outgoing connections use the host IP)? If so, you could use bridged networking instead, which would give the VM its own IP address, and so be presented as a unique source to the VPN gateway. This is provided your outgoing connections are not NATted to a single public IP address as they traverse the internet on the way to the VPN gateway. In which case you'd need a router that supports multiple VPN sessions (you would need this even if the two VPN clients were on two physical boxes).
Update In bridge-mode, the VM gets its own virtual interface. It is bridged to the physical interface just so it can communicate on the ethernet cable plugged into the physical interface. Other than that, it is effectively separate from the IP stack on the physical interface. This means that any routing that takes place on the physical interface isn't relevent - the VM is not even aware of it. It has its own IP address and its own routing table. It gets its IP from your dhcp server on your network or is statically assigned. If it wants to talk to the internet router, it has to do an arp request for it and communicates directly.
Having said all that, the Cisco VPN client is sometimes sneaky. It is possible that it is blocking any traffic traversing the interface it has bound to its VPN adapter that does not originate from the machine it is running on. In which case, you will need a separate nic dedicated to the VM.