Hi,
I have a little problem that I am sure there must be an easy solution to!
I have set up a VPN on my Universal to connect to work. The problem is that my work's VPN server allocates me an ip address in the 10.x.x.x address range. All servers that I need to access behind the VPN have addresses in this range as well. Unfortunately, my ISP (T-Mobile UK), also allocates an address in the same range. Therefore, whenever I try to acccess a server at work, WM5 suffers confusion since it doesn't know whether to route the message through the VPN or directly out to the internet through the cellular modem.
I have been able to verify that the VPN thing works if my work network was on a different network address since initially, I was unable to VPN into my PC at home for the reason described above. I changed the ip addresses of all machines on my home network and now everything works fine at home.
Unfortuantely, I am unlikely to convince the IT people at work to change the address of all their machines. Similarly, I don't think I will have much success with T-Mobile and so is there anything I can change at my end to avoid this problem?
Thanks in advance for any help.
Mark
Narrowing the ip address may help, eg 10.0.0.1 is different to 10.1.0.1.
are you using this over wifi or gprs? if the phone provider is involved, I assume its gprs.
you could try and esablish your ip address as fixed rather than part of the pool, so the it guys assign a range for remote connections as say 10.0.0.100 to 10.0.0.150 as remote dial in connections, thus giving you a separate number.
the best way though I would have thought is for you to a fixed ip address known to you and the servers, and then hard type the ip address as your vpn settings, then establish that ip address as part of the exceptions settings.
in order to use exceptions though you have to know the range, or the exact ip address you will be assigned, and must be different to your telco.
not much of a solution, just some suggested areas to look at.
cheers
s.
hi guys, just out of curiosity what software are you using for VPN? on my laptop my company has installed cisco vpn, does it need to be a cisco vpn for wm5?? :?
From bad to worse...
Thanks for the reply Simon.
Unfortunately, I just went to try out some of your ideas and discovered that I can't get the VPN to connect at all now. It used to connect OK but then have routing problems whenever I tried to access anything. And my home VPN worked perfectly. Now, I can connect to neither.
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Yesterday I "upgraded" my GPRS account from T-Mobile's Web'N'Walk to Web'N'Walk Professional and now I find I have this problem. Is this just a coincidence, or could it be that the Pro version has more severe restrictions than the consumer version?
I have emailed Customer Services to see what they have to say.
I will post back when I get a reply from T-Mobile.
mstar, I am no VPN expert, but for me, using a Windows XP hosted PPTP VPN it works after a fashion (above problems excepted!). I am using the VPN client built into Windows Mobile 5. I think you stand a good chance of getting it working using the built-in client.
Mark
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Click to expand...
Click to collapse
I've heard on the grapevine that T-mobile have explicitly refused certain types of traffic on the web-n-walk
VOIP is the biggy...
I was seriously thinking about getting signed up - but no point if IPSEC is a prob, as well as VOIP.
Not sure how they can tell it's Skype traffic :?
http://www.reghardware.co.uk/2006/05/09/t-mobile_bans_voip/
for more info
An Update
An update on my VPN problem. Yesterday after total failure to get the VPN to connect, I emailed T-Mobile customer services.
Although they have not replied, when I tried it this afternoon I found that it was working again as before even though it had not been working first thing this morining. Of course I have not changed anythng at my end to cause it to break and then start working again (but they all say that, don't they!).
So, I don't know whether this was just a momentary fault, or whether T-Mobile have changed something to re-enable the VPN ports for me. I can now VPN in to my home PC, but the problem connecting to my work VPN with the 10.x.x.x address remains.
So, Sikkutz, depending on the address of the remote network, you may or may not be able to get a VPN to work using T-Mobile's Web'N'Walk.
By the way, my VPNs both use Microsoft's PPTP and not IPSec and so there may be different issues with that protocol.
I have discovered that O2 provides a separate acccess point, vpn.o2.co.uk, that causes a public ip address to be allocated to the device, ie not on the 10.x.x.x network. It would seem that this is designed to address this very problem. Does anyone know if T-Mobile can provide something similar?
Mark
There must be a solution
Hi!
I have the same problem with my Qtek 9000 (VPA IV). I can connect to my VPN Gateway but the routing into LAN failed. I get a 10.x.x.x address from Vodafone Germany and my LAN uses 10.98.8.X. :-(
But there must be a solution! My previous Qtek 9010 (VPA III) had the same problem, but it was able to route between the 10.-networks after a firmware-upgrade to version 1.40.01! But I don't no why!
What was changed in firmware to enable routing???
Daniel
i have the same issue aswell, I am reluctant to change the IP range of my machines as that usually causes trouble for the servers
Any other ideas?
Thanks
maybe stupid thing, but did you guys try dna forwarding (that is what I use from home office, not on pda to be honest..
Maybe I just did not get your point....
What kind of VPN server do you use? I'am using a Cisco PIX and use a PPTP VPN almost everyday. I can use the 10.1.x.x network at the location the PIX is located (this PIX is directly connected to the 10.1.x.x network).
I can't however use any of the remote offices using 10.2/10.3.x.x etc.
This is becaus of the lack of routing abilities in the PPTP implementation.
With an IPSEC tunnel (additional software needed) the remote offices can be reached without any problems.
I know that some IP implementation disallow routing between a public address and any 10.x address. To solve this you could give your VPN clients an address from a 10.x subnet .
hi sorry been away awhile,
I use the routing and remote admin snapin of Windows server 2003 to manage my VPN, I can connect fine using the phone as a modem with my notebook but as soon as I try accessing any URL/resource on my network it fails, e.g. we have a intranet site on http://servername but it wont open this up.
Any Ideas?
A technical problem, would be great if anyone knows the answer.
My tytn has been disconnected from the wireless internet here at university because of a malfunctioning DHCP.
I reinstalled the OS (HTC WM 6 and in between Schaps WM6) but the problem persisted. It isn't there most of the time but it only has to occur once for the university to disconnect the pda semi-permanently.
Any help would be much appreciated because being on the wireless network here is very useful.
"Your PDA has a malfunctioning DHCP client implementation, which prevents the device from renewing its DHCP lease. As a result your device is causing a disruption to the ----- Wireless Network.
Please resolve this problem as soon as possible. If you contact the manufacturer for assistance, you can provide these technical details:
The device obtained a lease via DHCP at 4:57 pm January 15.
It began in the DHCP INIT-REBOOT state, and obtained a lease normally.
However, at 5:00 pm January 15, the device began broadcasting invalid
DHCPREQUEST packages. It did so 3 times over a few seconds.
These DHCPREQUEST packets were invalid because they contained the following characteristics:
no Server IP Address option
no Requested IP Address option
ciaddr field is set to 0.0.0.0
No valid DHCPREQUEST packet contains that combination of characteristics.
This sort of bug is very unlikely to be produced by any sort of misconfiguration of the device. It's a kind of behavior normally due to a bug in the DHCP client software itself, fixable only be the vendor of the device."
bumping the thread
Just Got a focus from america (i live in the uk). Everything seems to work, except the wifi. It just says connection unsuccessful your phone couldnt reach the wi-fi network. . does anyone know how to solve this issue ?
Is this a home router or work router your trying to connect to? Some people have reported that having the router assign a static IP worked, because DHCP was assigning a IP address that was already assigned to another device.
If it's a corporate router MAC address filtering maybe enabled & your phone's MAC address may not be in the list of allowed devices. It could also be that you haven't loaded the required certificate to allow you use of the router.
I have a galaxy note 8 and have had unlimited Hotspot for over 3 years now, my wife changed our plan & now I only have 30 gigs a month and then it slows to 128kbs! I have been using it to stream since I cut the cord with our cable company, needless to say I can't stream anything at 128kbs... My question, is there a workaround or solution to solve this issue? I have unlimited data through att and I'm using a unrooted note 8 & trying to stream or screen mirror to a Nvidia shield either through my Hotspot or USB tethering etc... I have tried a few apps from the playstore to no avail. Any ideas or suggestions greatly appreciated.
I disabled LTE and use 3G on T-Mobile network. Set phone to WCDMA preferred. I have only achieved upto 10-20MBs speed but way better than the throttled speed on their monitored LTE bands. I used 82GB on one of my phones in one month. I switched to Suddenlink finally a few months ago. Maybe this info will help you.
I can't figure out how to trick AT&T into letting me do hotspot on my rooted Pixel 4 XL with root. Worked no problem on Android 10, but lal my hacks have fallen to the wayside after the upgrade.
Jaringan
ScrapMaker said:
I can't figure out how to trick AT&T into letting me do hotspot on my rooted Pixel 4 XL with root. Worked no problem on Android 10, but lal my hacks have fallen to the wayside after the upgrade.
Click to expand...
Click to collapse
Same issue in my pixel 2xl. Build.prop mods used to work great until Android 11. The hotspot still connects but no internet is available you the connected device. I'll keep looking to see if I can get it working.
Look for an application called "VPN Hotspot." It allows you to send the hotspot over some sort of fake vpn, or use your real one as well. It's not entirely seamless but there is a monitor mode that you can enable after every boot that will do the vpn trick anytime you turn on native tethering. If works around the aforementioned no-internet problems.
Garrygb said:
Can you explain to me the difference between tethering and hotspot?
Click to expand...
Click to collapse
Tethering is sharing your internet connection (through WiFi, bluetooth or usb) from one device with another device. A hotspot is just a WiFi transmission that you can connect to for internet service.
The most common way to tether is to create a WiFi hotspot on your phone and connect another device to it.
joemommasfat said:
Tethering is sharing your internet connection (through WiFi, bluetooth or usb) from one device with another device. A hotspot is just a WiFi transmission that you can connect to for internet service.
The most common way to tether is to create a WiFi hotspot on your phone and connect another device to it.
Click to expand...
Click to collapse
Most people use the terms interchangeably. I wouldn't get too hung up on it.
ScrapMaker said:
Look for an application called "VPN Hotspot." It allows you to send the hotspot over some sort of fake vpn, or use your real one as well. It's not entirely seamless but there is a monitor mode that you can enable after every boot that will do the vpn trick anytime you turn on native tethering. If works around the aforementioned no-internet problems.
Click to expand...
Click to collapse
Which monitors mode did you activate to get native tethering working? Netlink monitoring with root?
joemommasfat said:
Which monitors mode did you activate to get native tethering working? Netlink monitoring with root?
Click to expand...
Click to collapse
Pixel 4 XL, AT&T(no hotspot plan,) and Google Fi(no need for this app on this SIM)
- Rooted with Magisk Canary.
- Disabled IPv6.
- Enabled Tethering hardware acceleration.
- Enabled Repeater safe mode.
- Network status monitor mode: Netlink monitor with root.
It's still a bit annoying that this cannot be started as a service when the phone boots up, but based on all the comments from the dev, that's not on the roadmap. I just use the quicksetting toggle. I also use Tasker to alert when my tether is not properly running. I could ghetto-rig Tasker to start it, but haven't decided whether or not it's worth the frustration. Any time you do things with clicks instead of API, it gets messy.
AT&T does not have any starter plan for hotspot. Verizon has unlimited hotspot plan.
When you have used your data. You have speed limit. And only new plan can change speed.
Best is search near by public network. Or try to find Wi-Fi password. There are many free internet public network available. But keep good anti virus and firewall on when using public network.
finally after buying unlocked phones from directly from samsung AT&T no longer allows native tethering.
After the last samsung update I can no longer use native tethering, it scans for something in the systems and comes back saying my plan doesn't support tethering,
this after tethering just before the update go figure
I just had this happen on my note 9 (unlocked), i think it was the latest patch update as well. It looks it applying at&t updates to my non-at&t phone... So annoying.
Edit: Used odin to flash back to FUB1, i think it was FUD2 where it start checking provision/tether. FU ATT
Recently, I sent up my laptop with VirtualBox, a Virtual Machine Manager. I had issues getting my VM clients to function through the Windows Defender Firewall. I solved this by creating an advanced custom outbound rule with address range SCOPE which allowed the VirtualBox clients through the firewall on the Private Network where the VirtualBox clients were configured to use a bridged adapter mapped to the wireless adapter for the laptop. This might provide some insight to how the mobile phones Private Network is setup and controlled by the telecom provider.
My Problem: The Microsoft Windows Defender Private Network is blocking VM applications like Android Studio from reaching the internet through a bridged adapter, and maybe a NAT adapter too.
Solution: The following outbound rule fixes the problem allowing Virtual Machine clients access to the internet.
Windows Defender - Firewall using New Custom Outbound Rule
ORACLE VirtualBox 6.1 and Virtual Machine IPs
Add two Private Network address ranges to SCOPE
Add Both Ranges to both Local and Remote Scope
192.168.43.1 to 192.168.43.254 => DHCP Implementation with Wi-Fi Tethering
192.168.42.1 to 192.168.42.254 => DHCP Implementation with USB Tethering
* You might be able to restrict the Remote Scope range to just those IP Addresses used by the clients, especially Virtual Machine clients.
NOTES:
1.) DHCP Implementation with a Bluetooth connection is not addressed here.
2.) As you can see, I excluded the following IP addresses in each Class C IP Address Range.
192.168.42.0, 192.168.42.255 <-- DO NOT USE for USB Tethering
192.168.43.0, 192.168.43.255 <-- DO NOT USE for Wireless Tethering
192.168.x.0 is a reserved Class C base address
192.168.x.255 is a reserved Class C broadcast address
3.) For those Android versions before Android 9 which also supported built-in tethering in the OS, the Default Gateway was fixed:
192.168.43.1 => DHCP Implementation with Wi-Fi Tethering
192.168.42.1 => DHCP Implementation with USB Tethering
I do not know how a DHCP Implementation works with Bluetooth
4.) For the Android 9, the Default Gateway changes dynamically every time tethering is disabled and re-enabled, a possible security feature, maybe anti-hacking feature. I found this documented, but I also have experienced this outcome with the Razer Phone 2 running with Android 9. So, I wondered why this change was made from a Static Fixed IP for the Default Gateway on a Private Network as mentioned in note item 3.
5. I am using Wi-Fi tethering, so my Wireless Network Connection 2, Intel(R) Centrino(R) Ultimate-N 6300 AGN Wireless Adapter shows 192.168.43.XXX with ipconfig in Windows 10 which is a DHCP assigned Class C Private Network Address. You can see the Default Gateway address below as 192.168.43.YYY
Wireless LAN adapter Wireless Network Connection 2:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2607:fb90:e00e:87a3:9186:bcf5:6347:21c
Temporary IPv6 Address. . . . . . : 2607:fb90:e00e:87a3:ddb0:b5e4:2bba:34b
Link-local IPv6 Address . . . . . : fe80::9186:bcf5:6347:21c%12
IPv4 Address. . . . . . . . . . . : 192.168.43.XXX
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::465e:cdff:feb2:d933%12
192.168.43.YYY
6. My vEthernet (Default Switch), Hyper-V Virtual Ethernet Adapter, is showing 172.18.XXX.XXX with ipconfig in Windows 10 which is a DHCP assigned Class B Private Network Address. Since I am not using a Fixed-Wire connection to a router with my laptop, I am not sure if this adapter does anything for me, likely nothing right now.
Ethernet adapter vEthernet (Default Switch):
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::c86d:734d:506c:b72b%30
IPv4 Address. . . . . . . . . . . : 172.18.82.XXX
Subnet Mask . . . . . . . . . . . : 255.255.255.240
Default Gateway . . . . . . . . . :
Questions I began to ask myself:
1. Can I disable the DHCP server on my Android 9 smartphone? If you can disable DHCP by disabling a flag somewhere, then how do you manually establish a new static Gateway address to link to the external Public Network IP on the smartphone?
2. Can I set up and use static IP address ranges to connect my host and VM clients to the mobile hotspot? -- I do not think so because the telecom providers want to know when you are tethering which may be money driven on certain mobile smartphone plans.
3. Does Windows 10 and Ubuntu 20.04 allow the ability to set static addresses on the device?
--Windows 10 - Yes.
--Ubuntu VM - Yes, both using the UI or in Terminal mode. Go to Settings | Network in the UI. In Terminal mode, there are different approaches to configuring static IP addresses.
--Supposedly, using Static IP Addresses improves the start up performance of your Host and VM operating systems.
4. Can I set a Private Network Static IP address on Windows 10 as host and Ubuntu 20.04 as VM and leave the Gateway address blank? Will a blank Gateway address then use the Default Gateway established by the DHCP server?
I watched a video which described how to set up Static IP Addresses on Host and VM client devices, but that might have applied only to Android versions before Android 9 before the Default Gateway address was set or made fixed by the Android OS for Android OS versions before Android 9. If the VM client gateway addresses are now part of a closed IP stack or fixed address range, I think you can set a fixed client IP address in Ubuntu v20.04 running as a virtual machine with VirtualBox v6.1.
5. If your smartphone is Android 9 and earlier, it may be possible to change the Private Network IP Address Range dynamically assigned by the smartphones DHCP server. Does this block the telecom provider from detecting whether tethering is being used? -- I think the answer may be yes. Does it block the telecom provider from detecting the amount of data transmitted using the built-in tethering? -- I think the answer may be yes.
6. Can other VPN apps be loaded on Android devices and not use the build-in tethering function for VPN Wireless connectivity?
--I have a Zte Grand X Max Plus running Android 4.4 (KitKat). I used a third-party application for a VPN wireless connection which turned my mobile phone into a mobile hotspot. This mobile phone did not have any build-in tethering function. The telecom provider may be able to detect these third-party VPN Wireless applications, maybe block them, possibly even remove those apps from your mobile phone.
7. Does the Android 9 smartphone using the DHCP server cache the last used client IP addresses for the client devices and attempt to reissue them again?
--I read some documentation that seemed to indicate this. I also see that happening when I shutdown and restart my Virtual Machines. I do not know if there is some session control or expiration of these dynamically assigned IP Addresses.
8. Can I change the default hotspot DHCP IP address range on Android? -- See Reference #2 item below.
--It appears that this may be possible with Android smartphones versions 9 and earlier. Android 10 and Android 11 may have moved to using a separate ROM Private Network adapter that will not allow the ability to change the default IP Address Range. And it is also unclear whether you can assign static addresses to client devices on Android version 10 and 11 within the DHCP authorized address range. If the client address has already been assigned dynamically at least once, you might be able to change that client device to using that address as a Static IP Address. What you do not want is the DHCP server attempting to assign an IP address to a client device when that IP address is already being used by another device; I would hope that the system is smart enough to avoid this IP collision.
9. Can changing default hotspot DHCP IP address range on Android by-pass any throttling by the telecom provider and allow greater access to unlimited data? This is possible, maybe even likely the case with older Android smartphones. Why else are people trying to figure this VPN stuff out? Why are the telecom companies moving to using ROM chips as network adapters, more specifically tethering network adapters?
-- It is all about the money for tethering services, I think. Telecom companies or the government wants to control how you use your data or more easily monitor or filter your IP traffic. They want to segment the type of data used to standard smartphone data and track premium tethering data. Will someone discover a hack around these ROM network chips for Android 10 and Android 11? Who knows.
10. If the default hotspot DHCP IP address range on Android could be changed/altered by the consumer and the DHCP server disabled, how do we get connect the dynamically public assigned IPv4 Address from the from the Android smartphone to our custom Private Network (VPN) and link to the established Gateway address?
--You can accomplish this behavior with a router at home, establishing a bridge between the Android smartphone and the home router. And how do we do this without a router? You can establish an alternate (sub)network configuration in Windows 10, and then have Windows 10 share their connection with other devices. But these paths likely do not bypass the throttling limitations set by the telecom provider. But, these options might allow you to connect more devices with NAT to the internet than the telecom might normally permit directly to the phone. Not sure, but I am just making an educated guess here.
I hope that some of my research and related experience helps. I think reference #2 below might be the best shot at trying to bypass throttling limitations with the telecom provider. The other option is to activate and older phone with a telecom provider that gives you more options as a mobile hotspot using an older mobile OS on the phone.
I found the following references useful:
References:
1.) How configure the DHCP settings of WIFI Tethering (Hotspot) on Android?
How configure the DHCP settings of WIFI Tethering (Hotspot) on Android?
When connecting my PC to Android Wi-Fi hotspot, it assigned a 192.168.42.x address to my PC. I really need to change this as it conflicts with one of our work subnets - is this possible?
android.stackexchange.com
2.) How to change the default hotspot DHCP IP address range on Android? *** HACK ***
How to change the default hotspot DHCP IP address range on Android?
As the title says I look for a way to permanently change the default IP address range form 192.168.43.xxx to 192.168.1.xxx. Reason: On my router some of my devices get a static IP trough DHCP, in ...
android.stackexchange.com
3.) How can I permanently assign a static IP address to Wi-Fi or USB tether clients?
How can I permanently assign a static IP address to Wi-Fi or USB tether clients?
I use my phone as an extended display with x11vnc, which works as intended. The only issue is, that I have to change the IP address on the VNC client on my phone, very often. Because of dynamic DH...
android.stackexchange.com
4.) How can I permanently change my hotspot tethering IP address?
How can I permanently change my hotspot tethering IP address?
IP address is 192.168.43.1 by default and there is no option to change it permanently. Is it possible to change it without root access? My phone is Huawei Android 5.1.
android.stackexchange.com
5. How do I find my public IPv4 Address on my Razer Phone 2, Android 9 phone?
You can obtain it from a browser. See https://www.businessinsider.com/how-to-find-ip-address-on-windows
6. How do I find my public IPv6 Address on my Razer Phone 2, Android 9 phone?
Go to Settings | System | About phone | IP address
7. Private Address Ranges
Private Address Ranges
The Internet Assigned Numbers Authority (IANA) has assigned several address ranges to be used by private networks.
www.ibm.com
My system setup:
Hardware Platform
Laptop: DELL Latitude
Model: E6420
Installed Physical Memory (RAM): 16.0 GB
Host Operating System
MSINFO32.exe
Host OS Name: Microsoft Windows 10 Pro
Version: 10.0.18362 Build 18362
Host IP: 192.168.43.XXX
Virtual Box - VM Manager
/usr/sbin/VBoxService --version
6.1.26r145957
Guest OS Name: Ubuntu 20.04.2.0 (Linux) => https://ubuntu.com/download/desktop
Version: ubuntu-20.04.2.0-desktop-amd64.iso, VBoxGuestAdditions_6.1.26.iso
Remote IP, Guest: 192.168.43.xxx with Wi-Fi Hotspot
Local IP, Default Route/Gateway: 192.168.43.xxx changes dynamically with the Razer Phone 2 and Android 9 every time tethering is disabled and re-enabled.
Guest OS Name: Android-x86 9.0 ("Pie") => see http://www.Android-x86.org
Version: android-x86_64-9.0-r2.iso
Remote IP, Guest: 192.168.43.xxx with Wi-Fi Hotspot
Local IP, Default Route/Gateway: 192.168.43.xxx changes dynamically every time tethering is disabled and re-enabled.
Mobile Hardware Smartphone: Razer Phone 2
Operating System: Android 9.0
Thursday, April 28th, 2022
Handling Outbound Connections
I ran across a related or similar link today; my same solution works for this issue. For me this was simply a Microsoft Windows Firewall issue for VirtualBox and Ubuntu as a VM.
Virtual box is not working on windows 10
I have installed virtual box But when I tried to run it. It shows me an error as: I have been trying everything for whole day. Like there are answers related to this question as: VT-x is not avai...
superuser.com
1. Go to Microsoft Windows Defender
2. Create an Outbound Custom Rule
3. Create the following Scope and Address Range
192.168.43.1-192.168.43.254 - Set the following address range.
192.168.43.X - Address of Ubuntu VM on VirtualBox
4. Provide a name for the new custom rule such as VirtualBox (or "VirtualBox Outbound Rule").
Alternatively, the Custom Outbound Rule allows you to pick programs that you want to allow through the firewall.
1. Go to Microsoft Windows Defender
2. Select "This program path:"
3. Go to the following folder: C:\Program Files\Oracle\VirtualBox
4. This is where I am stuck on which process to pick to allow through the firewall. I see applications such as "VirtualBox.exe", "VirtualBoxVM.exe", "VBoxManage.exe", "VBoxSVC.exe", "VBoxNetNAT.exe", "VBoxNetDHCP.exe" and others. For this reason, I took the IP path which appeared easier to solve. If I just allow the IP Address for a client or IP Addresses for all clients through the firewall, I do not have to worry about what VirtualBox executables or applications I have to give firewall permissions to. I someone knows the answer, I would love to know that answer.
Handling Inbound Connections (Optional)
I am thinking here about use of inbound connection rules, when they could be used, and how an Inbound Rule would be setup for smartphone which are tethering to the internet.
1. You might need an Inbound Rule if a connection is going to initiate or come inbound via the host computer IP to the VirtualBox virtual machine. Does the firewall have to be configured with an inbound rule for the host operating system to make an inbound connection to the Virtual Machine and maybe to a specific application with a port number?
2. You might also need an inbound rule if other computers exist the same private network.
a.) INBOUND CONNECTION from GUEST-REMOTE-CLIENT OS to VIRTUAL MACHINE OS, USING ONE SMARTPHONE as WI-FI HUB: One way this can happen is if a tethered smartphone itself acts as a Wi-Fi hub to more than one computer on the same private network. I have done this with work associates at a coffee shop on a rare occasions. I think that smartphone manufacturers and/or telecom providers allow a tethered smartphone device to possibly have up to five inbound client network connections to a smartphone serving as a Wi-Fi hub.
b.) INBOUND CONNECTION from ONE CLIENT LAPTOP to VIRTUAL MACHINE on ANOTHER CLIENT LAPTOP, USING A PHYSICAL HUB (WIRED | WIRELESS): I have also exposed my laptop to a traveling mini-hub configured with a shared private network subnet so that my friends could connect to the internet using fixed wire ethernet cables I also had with me. With a physical mini-hub supporting Network Address Translation (NAT), the five-connection limitation does not exist; the number of ports on your hub is your limitation. The physical hub using NAT makes all hub connections appear as one with my laptop, all sharing my laptop connection which is tethering to my smartphone and the internet. I did this once or twice when I did not have tethering technology built into my smartphone which my Razer Phone 2 does have. If five devices can access the internet and the same private network through a tethered smartphone acting as a Wi-Fi hub, they could be networked optionally to be able to see other computers on the same private network. And, If that is true, then another laptop could connect to a VM running on another friend's laptop. Software developers working together might want to share a VM, for example, that has an OS with a database server running on the virtual machine.
c.) INBOUND CONNECTION from ONE LAPTOP with PUBLIC LAPTOP IP routed to a VIRTUAL MACHINE on ANOTHER LAPTOP with PUBLIC LAPTOP IP: I am not sure if two people can share a VM running a server operating system where two people would each use their own smartphones and one of the parties would access a friends VM through a public IP address. The user with the VM would have to share their PUBLIC IP address information and tethering password maybe for access as a GUEST USER. The external remote user 's laptop connection would have to be routed to the local user's Guest VM OS Ubuntu on a VM manager like VirtualBox, possibly then also to an application like an ORACLE database having the appropriate port number allowing for an inbound connection to an application. Can tethered remote smartphones route a friend's laptop with an external IP address, forwarding an inbound connection to a VM Guest OS? Can you also then route to a port restricting use to a certain application running on a server like a SQL Server database.
Notes: McAfee Security for T-Mobile has an option called "Sharing your device? Try Guest Mode". This app has two options called "Accessibility" and "Draw Over Apps". "Guest mode" it reads lets you control what others see on your device. I have not explored these yet. This is one side or part of Security. The other part would be the necessary routing of a Remote User to the a Guest VM OS on another laptop using an internet connection from another smartphone, this also possibly requiring inbound connection routing with Microsoft Windows Defender, routing the Guest user to the VM. I did find some router Android apps on Google Play. So, maybe somebody has tried this out.