virtualbox.org

I am trying to set-up VPN between a server on the internet and a vbox guest using NAT, so trying to forward ports 500 and 4500.
So I have set-up UDP port forwarding in Vbox from 4500 to 4500 and 500 to 500, so for example to do this for port 4500: and port 4500 works fine, so if I run : where 192.168.1.10 is my laptop IP, from my laptop or from external server (I have port forwarding for 500 and 4500 on router), then I see traffic I send when listening from Vbox guest using: However this does not work for port 500 which seems to be because this is a reserved port as all ports of 1024 and above I have tried work and ports 1023 and below do not work.
What I did get to work was if I forwarded from a port above 1024 to port 500 so if for example I forward port 2500 to 500, then I can do and then see traffic listening on UDP port 500 from the VM guest, but I think it might be difficult to change port isakmp (port 500) to 2500 in libreswan VPN as I have read port 500 is hard coded.
So can I forward packets sent to port 500 on my laptop to port 500 in guest VM (nothing is listening on port 500 on laptop).

I figured this out by adding forwarding rules in ipables in my laptop host (running Ubuntu)
So I added port forward in Vbox from 2500 to 500 and then ran the following on my laptop: So now with port forwarding on my router I can send from a computer on the Internet to UDP port 500 to the public IP on my router which is forwarded to 192.168.1.10:500 which is forwarded by iptables to 192.168.1.10:2500 and then forwarded to my Vbox guest - 10.0.2.15:500

Mike

This is deep networking territory, but I hope that someone might find it useful.

Since you provided the question and the answer (thank you!), I'm going to change the title of the thread from "How can I forward reserved ports to NAT guest" to "[HowTo] Forward reserved ports to NAT guest".