Page 1 of 1
NAT guest can't connect to external hosts
Posted: 14. Sep 2016, 15:06
by Spirit-RC
Hi.
I have a VirtualBox 5.1.6 r110634 on Windows 10 and a Lubuntu 16.04 guest.
The guest is configured for "NAT" networking mode and gets a 10.0.2.4 address over DHCP.
I am trying to connect via SSH to an external host (specifically, 93.191.13.6).
I have no problems connecting to it from the host.
Edit: I've also tried HKP, GIT and SVN ports, all are open for direct connection on my company router and can be successfully directly connected to from the host.
The guest however, as I observe with wireshark and VirtualBox'es packet capture, gets a "Network unreachable" response from 10.0.2.1 right away, without even trying to forward the TCP SYN packet to the host's external interface.
What's wrong? How to fix that?
Please let me know if any additional details are required. I will gladly provide them.
Re: NAT guest can't connect via SSH to external hosts
Posted: 20. Sep 2016, 18:47
by Spirit-RC
Anyone?
I even tried downgrading to virtualbox 4.3.40, but no luck. I still can't reach non-locally-connected hosts.
NAT works fine when VM connects to 192.168.* hosts, but fails with "Network unreachable" when I try to connect to hosts behind the router.
The default routing is properly set up in Windows 10 host:
Code: Select all
C:\Users\Amelkin>route print
===========================================================================
Interface List
9...f8 32 e4 c0 4e 7f ......Realtek PCIe GBE Family Controller
25...08 00 27 00 40 8d ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.2 192.168.2.115 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.115 276
192.168.2.115 255.255.255.255 On-link 192.168.2.115 276
192.168.2.255 255.255.255.255 On-link 192.168.2.115 276
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.115 276
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.115 276
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 276 fe80::/64 On-link
25 276 fe80::/64 On-link
9 276 fe80::218e:685d:a8a2:a2e1/128
On-link
25 276 fe80::ad64:4629:8683:ccd/128
On-link
1 306 ff00::/8 On-link
9 276 ff00::/8 On-link
25 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
This drives me nuts. I can't work. I need my VMs to be able to connect to Internet on certain ports and to go via proxy for all other connections.
The proxy part works just great while the direct connection always fails without even going out of the external interface of my host PC.
Re: NAT guest can't connect to external hosts
Posted: 21. Sep 2016, 12:36
by Spirit-RC
Interesting peculiarity: the ICMP echo-request packets to the very same hosts are forwarded to the external port of my host and are never replied because are filtered out and dropped by my company's router.
The TCP SYN packets never make it to the external port of my host. Actually, no packet at all (destined to a routed host) gets to the external port of my host computer when I do "telnet {routed-host} {any-port}" in a Linux guest.
Re: NAT guest can't connect to external hosts
Posted: 21. Sep 2016, 13:49
by Spirit-RC
As per
"Minimum information needed for assistance" I am hereby posting the required details.
- The version of VirtualBox you are using
4.3.40 r110317, also tried 5.1.6 r110634. Both with corresponding versions of Guest Additions and Extension Packs installed.
- Host & Guest make and version including 32 or 64 bit, and the amount of memory available to both.
- Lubuntu 16.04 Minimal, 64-bit, 1024 MB RAM, 4 CPUs at 80% max load
- Windows XP Professional, 32-bit, 192 MB RAM, 1 CPU at 100% max load
- VM log file (as an attachment)
Attached for Lubuntu 16.04 only, as it is of the most interest to me.
Also attached is the pcap file gathered with "VBoxManage modifyvm "Lubuntu x64" --nictrace1 on --nictracefile1 nic.pcap".
The file was gathered while the VM booted and then the following commands were issued from a terminal window:
Code: Select all
amelkin@amelkin-vbox-dev:~$ telnet shell.openshells.net 12345
Trying 70.39.65.167...
telnet: Unable to connect to remote host: No route to host
amelkin@amelkin-vbox-dev:~$ telnet spirit.fiord.ru 12345
Trying 93.191.13.6...
Trying 2a02:2518:2:1::3...
telnet: Unable to connect to remote host: Network is unreachable
amelkin@amelkin-vbox-dev:~$ telnet spirit.fiord.ru 22
Trying 93.191.13.6...
Trying 2a02:2518:2:1::3...
telnet: Unable to connect to remote host: Network is unreachable
amelkin@amelkin-vbox-dev:~$ telnet spirit.fiord.ru 22
Trying 93.191.13.6...
Trying 2a02:2518:2:1::3...
telnet: Unable to connect to remote host: Network is unreachable
amelkin@amelkin-vbox-dev:~$
I'm not attaching the wireshark's pcap log for the host's external interface with filter "port 12345" as the file is empty.
Re: NAT guest can't connect to external hosts
Posted: 21. Sep 2016, 15:06
by scottgus1
The default IP address for Virtualbox's NAT and NAT network modes is 10.0.2.15 for a DHCP-served guest, and the gateway is 10.0.2.2. There isn't anything that at least responds to a ping at 10.0.2.1.
Your guest IP address is 10.0.2.4. Did you try to modify the default IP address setup for Virtualbox NAT?
Please try posting the output of "ifconfig".