bringert
Contributor
Contributor

Can't ping Windows XP guest OS from Linux host, using NAT

I have Windows XP running as a guest under VMWare player on an Ubuntu host. I use NAT for the guest and networking works fine from the guest. The problem is that I can't ping or connect to any ports in the guest from the host.

I'm running VMWare Player 1.0.3 build-34682 under Ubuntu Dapper, kernel 2.6.15-28-amd64-k8. The guest OS is Windows XP SP2 with all security updates. I have turned off the Windows XP firewall.

On the host:

$ ifconfig -a

eth0 Link encap:Ethernet HWaddr 00:0E:0C:64:49:7A

inet addr:129.16.225.14 Bcast:129.16.255.255 Mask:255.255.0.0

inet6 addr: fe80::20e:cff:fe64:497a/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:3284813 errors:0 dropped:0 overruns:0 frame:0

TX packets:2755412 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:804009992 (766.7 MiB) TX bytes:3569039614 (3.3 GiB)

Base address:0xa000 Memory:d9020000-d9040000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:10569796 errors:0 dropped:0 overruns:0 frame:0

TX packets:10569796 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:3245208568 (3.0 GiB) TX bytes:3245208568 (3.0 GiB)

sit0 Link encap:IPv6-in-IPv4

NOARP MTU:1480 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

vmnet1 Link encap:Ethernet HWaddr 00:50:56:C0:00:01

inet addr:172.16.253.1 Bcast:172.16.253.255 Mask:255.255.255.0

inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:6 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08

inet addr:192.168.90.1 Bcast:192.168.90.255 Mask:255.255.255.0

inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:371 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

$ route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

172.16.253.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1

192.168.90.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8

129.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0

0.0.0.0 129.16.1.4 0.0.0.0 UG 0 0 0 eth0

On the guest:

C:\Documents and Settings\User>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : vm-winxp

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : localdomain

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : localdomain

Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet Adapter

Physical Address. . . . . . . . . : 00-0C-29-AF-EF-6A

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.90.128

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.90.2

DHCP Server . . . . . . . . . . . : 192.168.90.254

DNS Servers . . . . . . . . . . . : 192.168.90.2

Lease Obtained. . . . . . . . . . : Wednesday, February 21, 2007 9:48:30 AM

Lease Expires . . . . . . . . . . : Wednesday, February 21, 2007 10:18:30 AM

From the guest: pinging host's public IP:

C:\Documents and Settings\User>ping 129.16.225.14

Pinging 129.16.225.14 with 32 bytes of data:

Reply from 129.16.225.14: bytes=32 time<1ms TTL=128

Reply from 129.16.225.14: bytes=32 time=1ms TTL=128

Reply from 129.16.225.14: bytes=32 time<1ms TTL=128

Reply from 129.16.225.14: bytes=32 time<1ms TTL=128

Ping statistics for 129.16.225.14:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 1ms, Average = 0ms

From the guest: pinging the guest's default gateway:

C:\Documents and Settings\User>ping 192.168.90.2

Pinging 192.168.90.2 with 32 bytes of data:

Reply from 192.168.90.2: bytes=32 time<1ms TTL=128

Reply from 192.168.90.2: bytes=32 time<1ms TTL=128

Reply from 192.168.90.2: bytes=32 time<1ms TTL=128

Reply from 192.168.90.2: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.90.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

From the guest: pinging the IP address that the host reports for it's vmnet8 interface:

C:\Documents and Settings\User>ping 192.168.90.1

Pinging 192.168.90.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.90.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

From the host: pinging the guest:

$ ping 192.168.90.128

PING 192.168.90.128 (192.168.90.128) 56(84) bytes of data.

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

\--- 192.168.90.128 ping statistics ---

4 packets transmitted, 0 received, 100% packet loss, time 2999ms

From the host: pinging the address of the hosts's vmnet8 interface:

$ ping 192.168.90.1

PING 192.168.90.1 (192.168.90.1) 56(84) bytes of data.

64 bytes from 192.168.90.1: icmp_seq=1 ttl=64 time=0.041 ms

64 bytes from 192.168.90.1: icmp_seq=2 ttl=64 time=0.040 ms

64 bytes from 192.168.90.1: icmp_seq=3 ttl=64 time=0.039 ms

64 bytes from 192.168.90.1: icmp_seq=4 ttl=64 time=0.042 ms

\--- 192.168.90.1 ping statistics ---

4 packets transmitted, 4 received, 0% packet loss, time 3004ms

rtt min/avg/max/mdev = 0.039/0.040/0.042/0.006 ms

From the host: pinging the default gateway reported by the guest:

$ ping 192.168.90.2

PING 192.168.90.2 (192.168.90.2) 56(84) bytes of data.

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

\--- 192.168.90.2 ping statistics ---

4 packets transmitted, 0 received, 100% packet loss, time 3014ms

The .vmx file for the VM running the guest:

#!/usr/local/bin/vmware

config.version = "8"

virtualHW.version = "3"

memsize = "512"

ide0:0.present = "TRUE"

ide0:0.fileName = "winxp-hd.vmdk"

ide1:0.present = "TRUE"

ide1:0.fileName = "vmware-tools.iso"

ide1:0.deviceType = "cdrom-image"

floppy0.fileName = "/dev/fd0"

ethernet0.present = "TRUE"

usb.present = "FALSE"

sound.present = "TRUE"

sound.virtualDev = "es1371"

displayuName = "Test Machine"

guestOS = "winxppro"

scsi0:0.redo = ""

ethernet0.addressType = "generated"

displayName = "Windows XP"

checkpoint.vmState = "winxp.vmss"

ide0:0.redo = ""

uuid.location = "56 4d bc 2f 57 1d 3e 7e-73 37 a8 60 5a af ef 6a"

uuid.bios = "56 4d bc 2f 57 1d 3e 7e-73 37 a8 60 5a af ef 6a"

ethernet0.generatedAddress = "00:0c:29:af:ef:6a"

tools.remindInstall = "FALSE"

ethernet0.generatedAddressOffset = "0"

ethernet0.connectionType = "nat"

tools.syncTime = "TRUE"

Any ideas?

0 Kudos
7 Replies
RDPetruska
Leadership
Leadership

In order to see your guest from the outside world when the guest is NATted, you need to set up port forwarding. See either the Server or Workstation manual -- http://www.vmware.com/support/ws55/doc/ws_net_nat.html

KevinG
Immortal
Immortal

The host computer has a host virtual adapter on the NAT network (vmnet8) (identical to the host virtual adapter on the host-only network(vmnet1)). This adapter allows the host and the virtual machines to communicate with each other. You should be able to access the guest from the host without any port forwarding setup. If you want to access the guest from any system other than the host, you will need to setup port forwarding.

bringert
Contributor
Contributor

KevinG: Yeah, that's what I expected, but it doesn't seem to work. Do you have any ideas for what I could check?

One thing that confuses me is that the host has 192.168.90.1 as the address of vmnet8, but the guest uses 192.168.90.2 as the gateway. It seems to work fine for the guest, but is it correct?

0 Kudos
bringert
Contributor
Contributor

In order to see your guest from the outside world

when the guest is NATted, you need to set up port

forwarding. See either the Server or Workstation

manual --

http://www.vmware.com/support/ws55/doc/ws_net_nat.html

Adding port forwarding to the guest made it possible to contact the guest from the host, thanks. It seems like overkill though, I don't want to allow the whole world to talk to the guest. I just need to be able to reach it from the host.

0 Kudos
KevinG
Immortal
Immortal

>One thing that confuses me is that the host has 192.168.90.1 as the address of vmnet8, but the guest uses >192.168.90.2 as the gateway. It seems to work fine for the guest, but is it correct?

The 192.168.90.1 is the address of the virtual network adapter vmnet8.

The 192.168.90.2 is the NAT service, which is the gateway to the outside world

0 Kudos
jakestokes
Contributor
Contributor

Not to rehatch an old problem, but...

I have the exact same problem, RHEL 3 host, XP Guest, NAT. I can't ping or contact the guest in any way from the host via the command line. Interesting that I can contact a 2000 SP4 Guest though....

So I followed what you guys have recommended and I vi-ed my nat.conf file per the documentations instructions. I did a test with telnet. I enabled telnet on the guest (port 23) in nat.conf I add the line:

\[incomingtcp]

8889 = 192.168.0.128:23

I restart vmware. If I do a netstat -an |grep 8889 I can see that vmware is now listening on 8889 if I do a telnet localhost 8889 it times out. Doing a netstat -an on the guest shows that 23 is listening but nothing ever connects. I tried telnet 192.168.0.2, 1, 127.0.0.1, etc, etc.

The guest is 192.168.0.128. Is there anything more I have to do than just restart vmware? Does the guest need some sort of change?

0 Kudos
jakestokes
Contributor
Contributor

To anyone that reads this here is the solution to my problem, and why it seems that the problem is with XP:

The problem is with XP. When you build a new XP anything, it defaults the firewall to on... The XP firewall blocked my incoming pings, nat.conf port forwardings, pretty much everything... I turned it off and everything worked.

-Jake

0 Kudos