Linked by Thom Holwerda on Thu 8th Sep 2011 18:43 UTC
Windows After a few relatively small changes and not-so-earth-shattering features, the Windows 8 blog has now unveiled something many of you will surely appreciate: Hyper-V, Microsoft's hypervisor-based virtualisation software, will be integrated into the client releases of Windows 8 - not just the server releases.
Thread beginning with comment 489051
To read all comments associated with this story, please click here.
Partly off-topic question
by bogomipz on Fri 9th Sep 2011 20:47 UTC
bogomipz
Member since:
2005-07-11

The number one use case I have for virtualization is to run a VPN client without loosing access to the local network, or to use multiple VPNs simultaneously.

Does anybody know of other ways to sandbox a VPN on Windows? The virtualization approach feels sort of heavy weight for this.

Reply Score: 3

RE: Partly off-topic question
by DeadFishMan on Sat 10th Sep 2011 20:15 in reply to "Partly off-topic question"
DeadFishMan Member since:
2006-01-09

The number one use case I have for virtualization is to run a VPN client without loosing access to the local network, or to use multiple VPNs simultaneously.

Does anybody know of other ways to sandbox a VPN on Windows? The virtualization approach feels sort of heavy weight for this.


Is there a problem on Windows to run multiple VPNs simultaneously? I usually telecommute in most business days but I'm currently temporarily assigned to another project/customer at the company I work for in addition to my regular duties and to access their AIX systems, I have to connect through yet another VPN client, Cisco AnyConnect VPN client or some such.

Granted, I am running Windows XP SP3 but the Cisco client is not that reliable and crashes every now and then, sometimes taking its connection with it and sometimes not. And when it crashes, it usually requires a reboot to get it back in good shape.

But when I am connected into both VPNs, everything works fine including access to resources in my own home network so I kind of assumed that it was trivial thing. A ipconfig /all shows all the "virtual" plus the real network interfaces at the system.

Unless you want a set up with different default gateways depending on your needs at the moment? A few co-workers that are assigned to a different project/customer have a similar problem where they cannot use the corporate IM network among a bunch of other things most of the time so I definitely see a use case here but running multiple OS instances on VMs all the time to provide constant access to multiple VPNs sounds overkill to me... ;)

Edited 2011-09-10 20:19 UTC

Reply Parent Score: 2

RE[2]: Partly off-topic question
by oiaohm on Sun 11th Sep 2011 01:40 in reply to "RE: Partly off-topic question"
oiaohm Member since:
2009-05-30

"The number one use case I have for virtualization is to run a VPN client without loosing access to the local network, or to use multiple VPNs simultaneously.

Does anybody know of other ways to sandbox a VPN on Windows? The virtualization approach feels sort of heavy weight for this.


Is there a problem on Windows to run multiple VPNs simultaneously?
"
Yes there is a problem.

Issue is when the IP ranges from the VPN's over lap.

Linux recently added a feature to its cgroup/container system to deal with this problem. Solaria has had it in there zones for a far while.

Basically that you can assign applications to network links. So avoid the issue.

Yes the virtual machine solution is major overkill to get around a OS design defect.

Reply Parent Score: 2

bogomipz Member since:
2005-07-11

Is there a problem on Windows to run multiple VPNs simultaneously?

At work I use three VPN clients on a daily basis for connecting to our customers' sites; Checkpoint, Nortel and Cisco.

Only the one from Checkpoint lets me use the local network while connected to the VPN.

Whether Windows' built-in IPsec must be enabled or disabled varies between the clients, so you have to know when to start/stop the service.

For these reasons I have three VM images dedicated to each of the VPN clients. My host is currently OS X, but I moved the VPNs into VMs one or two years before switching to a Mac.

I have never been able to connect to two of the VPNs simultaneously. IIRC, you can even experience clients that are incompatible to the point where you can't have both installed at the same time.

At the low end of the annoyance spectrum is the issue with existing TCP connections breaking when dialing a VPN. (Somebody calls you on VoIP, you need to connect to a VPN to answer their question, and bam! Call ended.)

On my Linux box at home, I am able to connect to the Cisco VPN server without loosing control the way I do with the Windows client. Normally vpnc does the usual routing table hijacking, but if I configure it to not run the default connect script, all it does is create a tunneling device. I can then route specific destination addesses through the VPN however I want.

I don't think the issue is primarily with Windows, but rather with the VPN clients that mess too much with my system's routing table. I have however not found any open source client for the Nortel and Checkpoint VPNs. I have not attemted to use non-official clients on Windows. The easy solution was to virtualize XP on XP to work around all the pain.

Reply Parent Score: 2