Force virtual machine to only use VPN connection

openvpnvirtualboxvirtualizationvpn

Here's what I have:

Mac OS X 10.10 – running VirtualBox and acting as an OpenVPN client. This works just fine on the VPN and is intended to be my host machine. There is also a WiFi connection on this machine that acts as my gateway to the outside world. This Mac is set up with NAT to connect to the WiFi router.

Windows 7 Pro – this is a virtual instance to be running through VirtualBox on the Mac.

My OpenVPN Server is running on CentOS but I don't think that matters for the purposes of my question.

How can I make sure that my Windows machine only makes connections through the VPN and never via the WiFi?

When I first started, I thought that the OpenVPN client would act as a new network adapter and I could expose only that adapter in the VirtualBox settings. But that doesn't seem to be the case, VirtualBox just takes it as a NAT adapter.

To be clear, the desired use case would be the following:

  • The OpenVPN client is running fine on the Mac host machine which means that it runs fine on the Windows machine.

  • The OpenVPN goes down on the Mac client but the Mac keeps running via the Wifi connection. The Windows machine now no longer has access to any internet resources since there is no connection.

How can I achieve this?

Best Answer

The answer is: it depends whether you are using OpenVPN in the bridged or routed mode: you have a routed OpenVPN if your new virtual interface is tunX, a bridged OpenVPN if, instead, you have a tapX virtual interface.

For bridged OpenVPN: select, in the VirtualBox screen, Network-> Bridged Adapter, Name -> tap0.

For routed Openvpn: select, in the VirtualBox screen, network-> NAT.

This way you will not need an OpenVPN client on your VM. Also, the above answers cover both important cases, the OP did not not state which OpenVPN mode is in use.

To double check hat the above is working correctly, load in your browser the following URL, www.whatismyipaddress.com; from its output, or the geolocation tools provied in the answer if you are not sure, you shall be able to ascertain what is your apparent external IP.

Related Question