Port forwarding doesn't work.

Discussions related to using VirtualBox on Linux hosts.
Post Reply
hack3rcon
Posts: 204
Joined: 28. Feb 2016, 10:44

Port forwarding doesn't work.

Post by hack3rcon »

Hello,
I installed the OmniOS in the VirtualBox and set a port forwarding as below:
VirtualBox Port Forwarding Rules.png
VirtualBox Port Forwarding Rules.png (22.07 KiB) Viewed 4078 times
But, when I did SSH, then I got below error:

Code: Select all

$ ssh xen@10.0.2.16 -p2022
ssh: connect to host 10.0.2.16 port 2022: Connection timed out
The SSH service is running in the guest OS and I disabled the OmniOS Firewall with the following command too, but it doesn't matter.

Code: Select all

# svcadm disable svc:/network/ipfilter:default
How to solve it?

Thank you.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Port forwarding doesn't work.

Post by scottgus1 »

Try removing the 'host IP'. If I understand this correctly, it limits the possible sources the traffic can come from to the specified IP address. With no 'host IP', any compute can initiate the traffic.

Additionally, your screenshot shows that the VM is using NAT, which defaults to the VM receiving a 10.0.2.15 IP address. Please see Virtualbox Networks: In Pictures: NAT. Your rule is set to point to 10.0.2.17.

Did you change the default NAT IP address for this VM? If so, why? If not, the rule is pointing to the wrong guest IP address. NAT port forwarding does not require a 'guest IP' to be set.

Additionally, did you make the host IP address 10.0.2.16 to try to put the host into the NAT IP range? If so, that won't work. NAT behaves like a router, with the host on the WAN side.

See the tutorial about port-forwarding through NAT.

If the above does not help, please provide the following:
  • Start the VM from full normal shutdown, not save-state. Run until you see the problem happen, then shut down the VM from within the VM's OS if possible. If not possible, close the Virtualbox window for the VM with the Power Off option set.

    Right-click the VM in the main Virtualbox window's VM list, choose Show in Explorer/Finder/File Manager. In the "Logs" subfolder, zip the VM's "vbox.log", and post the zip file, using the forum's Upload Attachment tab.
  • Right-click the VM in the main Virtualbox window's VM list, choose Show in Explorer/Finder/File Manager. Zip the VM's .vbox file (not the .vbox-prev file), and post the zip file, using the forum's Upload Attachment tab. (Configure your host OS to show all extensions if the folder that opens does not show a .vbox file.)
  • In the host and VM Linux OS's, open a Terminal and run ifconfig or ip address. Post the command outputs. Label which is which.
hack3rcon
Posts: 204
Joined: 28. Feb 2016, 10:44

Re: Port forwarding doesn't work.

Post by hack3rcon »

Hello,
Thank you so much for your reply.
I set the IP address manually, because the OmniOS couldn't get the IP address from the DHCP.
The "ifconfig" command output in the Host and Guest OS's is:
Host:

Code: Select all

$ sudo ifconfig
eth0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 94:de:80:b8:1a:54  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.21.50.63  netmask 255.255.255.128  broadcast 172.21.50.127
        inet6 fe80::211:3bff:fe15:4a32  prefixlen 64  scopeid 0x20<link>
        ether 00:11:3b:15:4a:32  txqueuelen 1000  (Ethernet)
        RX packets 460435  bytes 493247760 (470.3 MiB)
        RX errors 0  dropped 74  overruns 0  frame 0
        TX packets 259177  bytes 35308364 (33.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 97342  bytes 202533016 (193.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 97342  bytes 202533016 (193.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Guest:
ifconfig command in the Guest OS.png
ifconfig command in the Guest OS.png (5.4 KiB) Viewed 3997 times
I attached the files that you wanted also.

Thank you.
Attachments
VBox.log.zip
(33.64 KiB) Downloaded 4 times
OmniOS.vbox.zip
(1.55 KiB) Downloaded 2 times
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Port forwarding doesn't work.

Post by scottgus1 »

Thanks for the info. OK, the VM is on NAT:
<Adapter slot="0" enabled="true" MACAddress="08002754FAF1" type="82540EM">
...
<NAT localhost-reachable="true">
<Forwarding name="Rule 1" proto="1" hostip="10.0.2.16" hostport="2022" guestip="10.0.2.17" guestport="22"/>
</NAT>
</Adapter>
I was able to run a NAT connection in a VM on a static IP address within the 10.0.2.0/24 range used by NAT, so it appears that your static IP of 10.0.2.17 in the VM should be OK. Can you ping 8.8.8.8 in the VM?

However, the port forwarding rule still has the issues it had before:
scottgus1 wrote:Try removing the 'host IP'.
Virtualbox Networks in Pictures: NAT wrote:When opening a port, you only need to set the host and guest port numbers. The traffic only goes through that one card, so the port forwarding rule does not need to know the IP address of the card.
Also, from the tutorial, NAT connects to the host network stack, and the host is in the "public" (WAN) side of the NAT "router". The VM is on the "private" (LAN) side if the router.

You tried to go through the NAT "router" by using a NAT LAN-side "private" IP address of 10.0.2.16, from the "public" side, the host. This won't work; that's not how one goes through a router.

To get through a router to a computer in the router's private LAN from the public side, you don't try to get in using an IP address in the router's LAN. You go into the router from the router's public WAN side's IP address, through a port in the router's port forwards:

public IP address : port# > router > private IP address : port# > PC
Virtualbox Networks in Pictures: NAT wrote:The host can connect to the NAT-connected card via: localhost:portnumber.

Other guests, internet and the LAN can connect to the NAT-connected card via: host.ip.add.ress:portnumber
You should access the VM behind NAT using the public WAN side IP address. The public WAN side of NAT is the host. So on the host, you'd access via 127.0.0.1:2022. From another computer in the host's network, you'd access the VM via the host's LAN IP address 172.21.50.63:2022
hack3rcon
Posts: 204
Joined: 28. Feb 2016, 10:44

Re: Port forwarding doesn't work.

Post by hack3rcon »

Hello,
Thank you so much for great tutorial.
I can ping "google.com" in the VM:

Code: Select all

$ ping google.com
google.com is alive
I changed the rule as below:
VirtualBox Port Forwarding Rules.png
VirtualBox Port Forwarding Rules.png (22.64 KiB) Viewed 3915 times
But, I got following result:

Code: Select all

$ ssh xen@172.21.50.63 -p2022
ssh: connect to host 172.21.50.63 port 2022: Connection refused
Any idea?
hack3rcon
Posts: 204
Joined: 28. Feb 2016, 10:44

Re: Port forwarding doesn't work.

Post by hack3rcon »

Problem solved via following rule:
VirtualBox Port Forwarding Rules.png
VirtualBox Port Forwarding Rules.png (21.9 KiB) Viewed 3915 times
Thank you.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Port forwarding doesn't work.

Post by scottgus1 »

Glad you got things going! However, unless it is critical to make sure you only use the host to communicate through this port and no other source, it is not necessary to put the host IP in the rule, as mentioned several times above.
Post Reply