Cannot access port 80 and 443 on guest (NAT Network)

[ohaya@yahoo.com]

Hi,

I have a guest, running CENTOS 5.9, and I have Apache built from source on it. The guest has one network interface, which is configured for NAT Networks (named "NatNetwork") and the network interface on the guest is configured for 10.0.2.101. The host IP is 192.168.2.14.

The NatNetwork has:

Network CIDR: 10.0.2.0/24
Network Options: Supports DHCP checked
Supports IPv6 unchecked

Port Forwarding:

Host Port Guest IP Guest Port
80 10.0.2.101 80
443 10.0.2.101 443
22 10.0.2.101 22

The problem I'm having is that:

From the host, I can putty/ssh to the guest by puttying to 192.168.2.14:22.

However, if I browse to either http://192.168.2.14:80 or to https://192.168.2.14:443 (The Apache is configured for SSL), I cannot connect.

If I change the Apache configuration to listen on say port 8080 instead of port 80 (and also add forwarding of 8080 to 10.0.2.100 port 8080, I can connect fine from the host.

It's as if SOMETHING is blocking only ports 80 and 443, but I can't figure out what might be doing that?

I think that I've disabled SELINUX (the config has "disabled") and also disable iptables/ip6tables.

So what else could be blocking ports 80 and 443?

Thanks,
Jim

[ohaya@yahoo.com]

To clarify: In other words, the problem I'm seeing is that I can access the guest from the host via port 22 (ssh/putty), but I cannot access the guest from the host via either ports 80 or 443.

[scottgus1]

Firewall on the host? Other host services that are looking at 80 & 443?

[ohaya@yahoo.com]

Firewall on the host? Other host services that are looking at 80 & 443?

I've checked, and SELINUX is disabled and iptables and ip6tables are disabled.

The weird part is I can connect from other machines that are on the NATNetwork network, which seems to indicate that it's VBox networking that is blocking connections to those ports (80 and 443)? And yet I can connect to it via port 22?

[scottgus1]

Is Selinux on the host? What host OS?

I suppose it could be a glitch in Virtualbox, but since 22 is getting through, 80 & 443 should be able to get through, unless something else is in the way. I would not suspect Virtualbox for now, due to 22 working.

NATnetwork is a virtual router. it has multiple "LAN" ports for the guest NICs attached to it. All the NICs connected to one NATnetwork will have their own network and full access to each other just like PCs attached to the LAN ports of a physical router.

[ohaya@yahoo.com]

Is Selinux on the host? What host OS?

I suppose it could be a glitch in Virtualbox, but since 22 is getting through, 80 & 443 should be able to get through, unless something else is in the way. I would not suspect Virtualbox for now, due to 22 working.

NATnetwork is a virtual router. it has multiple "LAN" ports for the guest NICs attached to it. All the NICs connected to one NATnetwork will have their own network and full access to each other just like PCs attached to the LAN ports of a physical router.

Hi,

Re. the last paragraph, yes, I understand that, i.e., the intra-NatNetwork traffic. FYI, I also tested running tcpdump on the VBox guest while trying to connect to ports 80 and 443 and I see no traffic in tcpdump at all.

This VBox is on Windows 7, and I've also added a rule in the Windows Firewall to allow incoming 80 and 443 but that didn't help at all.

I just don't understand what else could be blocking the traffic ...

[ohaya@yahoo.com]

I've now also cloned the original CENTOS 5.9 guest and I cannot connect on port 80 to the cloned host either.

So, I cloned a different CENTOS 7 guest and build Apache from source and I cannot connect on port 80 to the Apache on the CENTOS 7 machine from a browser on the host machine even though I have port 80 forwarded to the CENTOS 7 guest.

[scottgus1]

A quick google on "what service windows 7 port 80" shows there could be some other already-running service on your host using up port 80 and 443 before Virtualbox can pass the data to the guest. See what you can find.

Here's a link to some usual suspects: http://www.devside.net/wamp-server/open ... on-windows

[ohaya@yahoo.com]

A quick google on "what service windows 7 port 80" shows there could be some other already-running service on your host using up port 80 and 443 before Virtualbox can pass the data to the guest. See what you can find.

Here's a link to some usual suspects: http://www.devside.net/wamp-server/open ... on-windows

Hi,

I already made sure that there wasn't anything running on port 80 or 443, but FYI, I was just able to get it working (or rather it just started working).

What I *think* I did to get it working was to include the "Host IP" in the Preferences=>Networking=>NatNetwork=>Port Forwarding table. Earlier I had left those empty.

The reason I said "I *think*" is because:

a) I could've sworn that I had tried including the Host IP earlier today or yesterday and
b) The line/row for port 22 (putty/ssh) seems to work even without filling in the "Host IP" (why would that be different from ports 80 and 443)???

Anyway, I'm just happy that it's working now, but still puzzled why I had to ADD the "Host IP" for JUST the ports 80 and 443 lines?

Thanks,
Jim