My Virtual Machine is unable to use the internet when the host system is using a VPN.
What is an easy way to solve this issue?
I’m using Virt-Manager
How is the VM network configured? Is it using nat?
I don’t know if it uses NAT, it is a custom VPN client configured for my University that is based on Cisco AnyConnect VPN Client.
Not the VPN. How is the VM network configured?
Yes, it is using NAT
I created a separate post for this.
There is a bug report on this issue from 5 years ago:
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvc22105
Description (partial)
Symptom:
AnyConnect users on Linux with VMs set up with virt-manager no longer have network access once a VPN connection is established on the host Linux system.
Conditions:
After investigation, we believe this issue is caused due to the security hardening design of how AnyConnect handles routing tables and firewall filters. QEMU-KVM relies on certain routing table entries and also maintains its own firewall filters to allow traffic from the client machine to be sent through the NAT adapter. However, AnyConnect by default would tunnel all traffic, including local LAN. Besides, AnyConnect also modifies the firewall filters to bypass all other user-defined (in this case virt-manager-defined) filters.
Looks like AnyConnect is deliberately ensuring that no other IPs can access the VPN.
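
The bug report quoted above says the VPN client's firewall filters bypass the ones virt-manager defines. As an added example (not from this thread or from Cisco), the following Python check reads `iptables-save` output and reports chains where an unconditional rule sits ahead of the jump into libvirt's `LIBVIRT_*` chains and takes all traffic first. The ruleset is constructed; `example_vpn` and `tun0` are hypothetical names, and libvirt's default NAT network (192.168.122.0/24 on `virbr0`) is assumed.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}
# Constructed, abridged iptables-save output. LIBVIRT_* are libvirt's chains;
# example_vpn and tun0 are hypothetical stand-ins for the VPN client's rules.
SAMPLE = """\
*filter
-A FORWARD -j example_vpn
-A FORWARD -j LIBVIRT_FWO
-A LIBVIRT_FWO -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A example_vpn -o tun0 -j ACCEPT
-A example_vpn -j DROP
COMMIT
*nat
-A POSTROUTING -j LIBVIRT_PRT
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
"""

def parse_rules(text):
    """Map (table, chain) -> rules, each the token list after the chain name."""
    table, rules = None, {}
    for line in text.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()
        elif line.startswith("-A "):
            tok = shlex.split(line)
            rules.setdefault((table, tok[1]), []).append(tok[2:])
    return rules

def captures_all(rules, table, chain):
    """True if an unconditional rule in the chain gives every packet a verdict."""
    for rule in rules.get((table, chain), []):
        if len(rule) == 2 and rule[0] == "-j":  # no match conditions
            if rule[1] in TERMINAL or captures_all(rules, table, rule[1]):
                return True
    return False

def shadowed_libvirt_jumps(text, prefix="LIBVIRT_"):
    """List (table, chain, blocker) where a rule ahead of libvirt's jump takes all traffic."""
    rules, found = parse_rules(text), []
    for (table, chain), chain_rules in rules.items():
        targets = [r[r.index("-j") + 1] if "-j" in r else "" for r in chain_rules]
        first = next((i for i, t in enumerate(targets) if t.startswith(prefix)), 0)
        for rule, tgt in zip(chain_rules[:first], targets):
            if len(rule) == 2 and (tgt in TERMINAL or captures_all(rules, table, tgt)):
                found.append((table, chain, tgt))
                break
    return found
```

Run it on `iptables-save` output captured before and after the VPN connects and compare the two results; only unconditional rules are considered, so a conditional rule that happens to match VM traffic is not reported.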