Docbase login problem with VMware NAT when connected via VPN

KJurkowski

Hello,

I'm not good at networking, but I will try to explain as much as I can.

I have a Windows 7 host machine, running a Centos 2.16 as guest system on VMware Workstation 10.

The problem I have is that when I connect with Juniper VPN on my host computer, all network traffic (including VMnet8 - NAT network) is redirected to the VPN network (including DNS).

So when the VPN is not connected the tracert to the guest machine form the host is as follows:

C:\>tracert 192.168.254.128

Tracing route to 192.168.254.128 over a maximum of 30 hops

1    <1 ms    <1 ms    <1 ms  192.168.254.128

Trace complete.

But when I connect to VPN it looks as follows:

C:\>tracert 192.168.254.128

Tracing route to 192.168.254.128 over a maximum of 30 hops

1    74 ms    65 ms    65 ms  10.200.200.200

2    66 ms    66 ms    67 ms  ****.****.****.com [****.X.XX.XX]

3    67 ms    65 ms    65 ms  yyy.yyy.yyy.com [YYY.Y.YY.YYY]

4    68 ms    67 ms    67 ms  zzz.zzz.zzz.com [ZZZ.Z.ZZ.ZZZ]

etc.

First workaround I found for this problem was to use port forwarding in VMware Virtual Network Editor. I can access all applications running on guest system with localhost:<forwarded_port>. And this works for 99% of applications running on guest OS (like Tomcat), except the on I care the most - EMC Documentum Content Server.

On guest machine:

/etc/hosts has:

192.168.254.128 mydocbase.localdomain mydocbase

server.ini has:

[DOCBROKER_PROJECTION_TARGET]

host = mydocbase.localdomain

port = 1489

In VMware Virtual Network Editor I forwarded the Docbroker (1489) and Docbase (47625) port:

and entered

127.0.0.1    mydocbase.localdomain

in the Windows hosts file.

In dfc.properties I entered:

dfc.docbroker.host[1]=mydocbase.localdomain

dfc.docbroker.port[1]=1489.

And everything is working fine unless I connect my host machine to VPN. When I lunch dqMan I get the Documentum Login screen with the Docbase name running on my guest machine, but when I try to log-in I get Login Failure - Please try again.

I launched a wireshark on the guest system and suddenly when Logging in to to Docbase there is:

18    5.474156    192.168.254.128    192.168.254.2    DNS    Standard query AAAA mydocbase.localdomain

19    5.546983    192.168.254.2    192.168.254.128    DNS    Standard query response, No such name

multiple times.

I guess this must have to do something with the fact that the DNS lookups on guest are redirected as well as on the host machine when connected to VPN.

Anyone has any idea how to resolve this issue?

PanfilovAB

CS announces itself on docbroker as running on 192.168.254.128, so when client (DFC) connects to docbroker and asks what ip address CS has docbroker returns 192.168.254.128.

You need to setup address translation on docbroker, see Admin Guide how to achieve this (actually you need to setup second docbroker with address translation to don't break JMS)