I am a management consultant and I work mostly of the time remotely. One of my client is in USA and other one in Eastern Europe. Sometimes I have to fly to eastern europe at another client's site for couple of days. When I am in Eastern Europe, I still want to be able to show USA IP address when I connect through Cisco VPN client to my USA customer's network. Last couple of times, my Eastern European IP address showed up in USA client's log and the their IT freaked out. For the purposes of this discussion, let's assume that I have to have USA IP address if I am going to connect to the cisco VPN even though I am outside USA. (disclaimer- I am not doing anything illegal)
Install a VMWare player and configure it as NAT. Get USA based VPN (for ex. smallvpn.com) and connect host to my personal VPN, then boot up the vmware and connect it to the cisco vpn. Everything seems to be working fine as far as emails and applications are concerns on the vmware but I am not a network guy so I am 100% sure whether there is any chance that I might alarm the USA customer's IT will this approach if they see something weird in the trace. USA based customer's employee sometimes use vmware to conenct to the network- just fyi. Is my assumption correct that if my host has USA based via personal vpn then the NAT based vmware will have USA based IP too?
Here is some info which should help us determine whether all the vm guest OS traffic is going to host OS vpn or not. I have attached host and guest OS pathping print out. I have removed the name of the host from the log.
Here is what I did:
- powered off vmware, start vpn1 on host OS
- powered on vmware in NAT mode and ran "pathping goolge.com"
Here is the output. The output is same with or without vpn1 on host OS. I did restart the vmware after switching the vpn1 on and off on host.
---
Tracing route to google.com [209.85.229.104]
over a maximum of 30 hops:
0 192.168.76.128
1 192.168.76.2
2 ww-in-f104.1e100.net [209.85.229.104]
Computing statistics for 50 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 [192.168.76.128]
0/ 100 = 0% |
1 0ms 0/ 100 = 0% 0/ 100 = 0% 192.168.76.2
13/ 100 = 13% |
2 103ms 13/ 100 = 13% 0/ 100 = 0% ww-in-f104.1e100.net [209.85.229.104]
Trace complete.
--
Here is the "pathping google.com" for host OS after connecting to VPN1
--------
Tracing route to google.com [209.85.229.147]
over a maximum of 30 hops:
0 [10.9.215.218]
1 10.9.0.1
2 94.23.63.254
3 * * 20g.ldn-1-6k.routers.chtix.eu [94.23.122.110]
4 195.66.224.125
5 64.233.175.25
6 72.14.232.134
7 209.85.252.83
8 * * *
Computing statistics for 200 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 [10.9.215.218]
5/ 100 = 5% |
1 87ms 13/ 100 = 13% 8/ 100 = 8% 10.9.0.1
0/ 100 = 0% |
2 105ms 6/ 100 = 6% 1/ 100 = 1% 94.23.63.254
0/ 100 = 0% |
3 107ms 15/ 100 = 15% 10/ 100 = 10% 20g.ldn-1-6k.routers.chtix.eu [94.23.122.110]
0/ 100 = 0% |
4 92ms 5/ 100 = 5% 0/ 100 = 0% 195.66.224.125
1/ 100 = 1% |
5 96ms 6/ 100 = 6% 0/ 100 = 0% 64.233.175.25
5/ 100 = 5% |
6 92ms 11/ 100 = 11% 0/ 100 = 0% 72.14.232.134
0/ 100 = 0% |
7 93ms 11/ 100 = 11% 0/ 100 = 0% 209.85.252.83
89/ 100 = 89% |
8 --- 100/ 100 =100% 0/ 100 = 0% [0.0.0.0]
Trace complete.
----
Here is "pathping goolge.com" output without connecting to vpn1
--------
Tracing route to google.com [209.85.229.99]
over a maximum of 30 hops:
0 [192.168.1.101]
1 * * *
Computing statistics for 25 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 [192.168.1.101]
100/ 100 =100% |
1 --- 100/ 100 =100% 0/ 100 = 0% [0.0.0.0]
Trace complete.
----
Questions:
if the pathping on vmware with or without connecting to vpn1(on host) is same, does that mean vmware is connecting to internet without going through vpn1? The public IP of the vmware does show the IP coming from vpn1.
Install a VMWare player and configure it as NAT. Get USA based VPN (for ex. smallvpn.com) and connect host to my personal VPN, then boot up the vmware and connect it to the cisco vpn. Everything seems to be working fine as far as emails and applications are concerns on the vmware but I am not a network guy so I am 100% sure whether there is any chance that I might alarm the USA customer's IT will this approach if they see something weird in the trace. USA based customer's employee sometimes use vmware to conenct to the network- just fyi. Is my assumption correct that if my host has USA based via personal vpn then the NAT based vmware will have USA based IP too?
Here is some info which should help us determine whether all the vm guest OS traffic is going to host OS vpn or not. I have attached host and guest OS pathping print out. I have removed the name of the host from the log.
Here is what I did:
- powered off vmware, start vpn1 on host OS
- powered on vmware in NAT mode and ran "pathping goolge.com"
Here is the output. The output is same with or without vpn1 on host OS. I did restart the vmware after switching the vpn1 on and off on host.
---
Tracing route to google.com [209.85.229.104]
over a maximum of 30 hops:
0 192.168.76.128
1 192.168.76.2
2 ww-in-f104.1e100.net [209.85.229.104]
Computing statistics for 50 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 [192.168.76.128]
0/ 100 = 0% |
1 0ms 0/ 100 = 0% 0/ 100 = 0% 192.168.76.2
13/ 100 = 13% |
2 103ms 13/ 100 = 13% 0/ 100 = 0% ww-in-f104.1e100.net [209.85.229.104]
Trace complete.
--
Here is the "pathping google.com" for host OS after connecting to VPN1
--------
Tracing route to google.com [209.85.229.147]
over a maximum of 30 hops:
0 [10.9.215.218]
1 10.9.0.1
2 94.23.63.254
3 * * 20g.ldn-1-6k.routers.chtix.eu [94.23.122.110]
4 195.66.224.125
5 64.233.175.25
6 72.14.232.134
7 209.85.252.83
8 * * *
Computing statistics for 200 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 [10.9.215.218]
5/ 100 = 5% |
1 87ms 13/ 100 = 13% 8/ 100 = 8% 10.9.0.1
0/ 100 = 0% |
2 105ms 6/ 100 = 6% 1/ 100 = 1% 94.23.63.254
0/ 100 = 0% |
3 107ms 15/ 100 = 15% 10/ 100 = 10% 20g.ldn-1-6k.routers.chtix.eu [94.23.122.110]
0/ 100 = 0% |
4 92ms 5/ 100 = 5% 0/ 100 = 0% 195.66.224.125
1/ 100 = 1% |
5 96ms 6/ 100 = 6% 0/ 100 = 0% 64.233.175.25
5/ 100 = 5% |
6 92ms 11/ 100 = 11% 0/ 100 = 0% 72.14.232.134
0/ 100 = 0% |
7 93ms 11/ 100 = 11% 0/ 100 = 0% 209.85.252.83
89/ 100 = 89% |
8 --- 100/ 100 =100% 0/ 100 = 0% [0.0.0.0]
Trace complete.
----
Here is "pathping goolge.com" output without connecting to vpn1
--------
Tracing route to google.com [209.85.229.99]
over a maximum of 30 hops:
0 [192.168.1.101]
1 * * *
Computing statistics for 25 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 [192.168.1.101]
100/ 100 =100% |
1 --- 100/ 100 =100% 0/ 100 = 0% [0.0.0.0]
Trace complete.
----
Questions:
if the pathping on vmware with or without connecting to vpn1(on host) is same, does that mean vmware is connecting to internet without going through vpn1? The public IP of the vmware does show the IP coming from vpn1.
