NAT Port forwarding not working

ArthurG · ‎07-10-2009

I'm running Guest Ubuntu 8.04.2 LTS 32-bit on 64-bit VMware Workstation 6.5.2 on Red Hat Linux version 2.6.18 on box X, a 64-bit X86.

First, when I select "Edit->'Virtual Network Editor" absolutely nothing happens. I've tried this both with the VM powered on and powered off.

(PS. The manual -- ws65_manual.pdf -- appears to refers to this as both 'Virtual Network Settings' (p. 282) and 'Virtual Network Editor' (p. 288).)

So I've tried to set up port forwarding with nat.conf. Inside the Guest I'm running a small server on port 8888. I can prove that it works by accessing it from a local telnet. I want to be able to access the server from machines outside box X.

The VMware network interface is at IP address 192.168.212.130. On box X, one can connect to the server, as follows:

$ telnet 192.168.212.130 8888

Trying 192.168.212.130...

Connected to 192.168.212.130 (192.168.212.130).

In the file /etc/vmware/vmnet8/nat/nat.conf on box X this section has been added

incomingtcp

8888 = 192.168.212.130:8888

Box X's network interface is at 128.122.60.146, as reported by /sbin/ifconfig. Box X has only 1 hardware port, eth0.

I subsequently restarted vmware, the Ubuntu guest and the server inside it. However, a connection CANNOT be established to the server from outside box X.

$ telnet 128.122.60.146 8888

Trying 128.122.60.146...

telnet: connect to address 128.122.60.146: Connection refused

Boxes other than X can connect to a network server listening on TCP port 8888 on box X. This has been demonstrated with a simple server program and "telnet boxX 8888".

What other debugging and/or configuration should I try to enable communication to the server running on the guest OS?

AWo · ‎07-12-2009

Boxes other than X can connect to a network server listening on TCP port 8888 on box X. This has been demonstrated with a simple server program and "telnet boxX 8888".

If 8888 open on the host as well? If so, shut down the process using this port already.

Try "8888 = 192.168.212.130:88" and telnet to "128.122.60.146 88".

Disable all firewalls on the host while testing.

AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

ArthurG · ‎07-14-2009

Thanks, AWo

-- If 8888 open on the host as well? If so, shut down the process using this port already.

no server is listening on 8888 on the host.This is demonstrated because 'telnet boxX 8888' returns no connection.

-- Disable all firewalls on the host while testing.

done

-- Try "8888 = 192.168.212.130:88" and telnet to "128.122.60.146 88".

tried: $ telnet 128.122.60.146 88

Trying 128.122.60.146...

telnet: connect to address 128.122.60.146: Connection refused

telnet: Unable to connect to remote host

AWo · ‎07-15-2009

Do the lines in the NAT configuration look like this:

incomingtcp

8888 = 192.168.212.130:8888

or this

8888 = 192.168.212.130:8888

I saw the first one in your EMail and that would be wrong. You need the square brackets (Imaging there were square brackets shown in this post, but this forum software doesn't show them correctly).

AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

ArthurG · ‎07-15-2009

AWo

Yes I write

\[incomingtcp\]

8888 = 192.168.212.130:8888

with brackets. (The formatter thought they were special characters earlier, but I escape them with backslash here.)

Since it doesn't work, and VMware provides neither assistance nor good debugging tools, I've given up trying to use NAT Port Forwarding, and am using bridging.

BR

A

K-MaC · ‎07-15-2009

Have you tried using wireshark or similar tool?

Cheers

Kevin

Cheers Kevin

AWo · ‎07-16-2009

Sorry, but I must ask this again:

- Can you access the port from the guest using localhost? (I guess this was a yes)

- Can you access the port from the guest using the IP address? (I guess this was a yes, too)

- Can you access the port from the host?

AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

edunne · ‎03-08-2011

I was digging around for a solution to a problem that I am having with NAT port forwarding. This post is a bit old and doesn't seem to ever been resolved, but I hope it's still being monitored.

I am running windows 7 professional 64 bit edition.

I created a VM using VM player 3.1.3 build-324285.

The guest OS (i.e. the OS of the virtual machine that I am running in windows) is a Centos5 linux machine.

I can browe the internet just fine using firefox inside Centos5. However, if I try to run apache (for example) or other services inside the VM I can't hit those services from my host machine.

Here's what I done so far.

Configured NAT port forwarding for both UDP and TCP/IP. I checked the vmnetnat.conf file and it is correctly configured with

20000 = 192.168.232.129:20000

So the idea is that if I hit port 20000 on the host that request will be routed through to the Centos5 VM and have apache on port 20000 handle the request.

I've turned off windows firewall on the host machine and also ensured that the port is open in ifconfig on the centos5 machine. Running nmap confirms that port 20000 is open.

I even fired up nc (netcat) on the centos5 machine to listen for any connection on port 20000 and it listens patiently to no avail. The requests never make it through NAT port forwarding.

Ideas?

Kissell · ‎08-25-2011

Did any of you guys ever figure this out? I'm at the same spot now. I have configured the nat.conf in linux, I have checked it over and over, it is configured correctly per the guides, same way you guys have listed here. Yet VMware Workstation in Linux isn't listening for those ports on the single physical NIC eth0. And because it isn't listening for them, it is never passing them on to the Guest OS inside the NAT.

I have a Guest OS with IP: 10.0.0.110. I'm trying to get to it from the physical network. The single NIC in the linux box is eth0 with IP: 192.168.0.100

From the linux box running VMware Workstation, I can web browse to the Guest OS via it's IP, http://10.0.0.110. However, I cannot connect via the host's NIC at http://192.168.0.100, so I cannot get to the Guest OS website from any other computers outside the NAT.

Here is my /etc/vmware/vmnet8/nat/nat.conf:

# Linux NAT configuration file
[host]

# NAT gateway address

ip = 10.0.0.2

netmask = 255.255.255.0

configport = 12345

# VMnet device if not specified on command line

device = /dev/vmnet8

# Allow PORT/EPRT FTP commands (they need incoming TCP stream ...)

activeFTP = 1

# Allows the source to have any OUI. Turn this one if you change the OUI

# in the MAC address of your virtual machines.

allowAnyOUI = 1

[udp]

# Timeout in seconds, 0 = no timeout, default = 60; real value might

# be up to 100% longer

timeout = 30

[incomingudp]

[incomingtcp]

80 = 10.0.0.110:80

443 = 10.0.0.110:443
And here is an nmap of physical eth0:
Scanning 192.168.0.100 [1000 ports]
Discovered open port 445/tcp on 192.168.0.100
Discovered open port 5900/tcp on 192.168.0.100
Discovered open port 3389/tcp on 192.168.0.100
Discovered open port 8080/tcp on 192.168.0.100
Discovered open port 139/tcp on 192.168.0.100
Discovered open port 111/tcp on 192.168.0.100
Discovered open port 22/tcp on 192.168.0.100
Discovered open port 2049/tcp on 192.168.0.100
Discovered open port 5910/tcp on 192.168.0.100
Discovered open port 5901/tcp on 192.168.0.100
As you can see, the physical NIC at eth0 is not listening for any service on port 80 or 443, even though I have that configured in the nat.conf file.
Therefore, I believe there is something I need to do to turn on port forwarding, so that when VMware Workstation is open it will listen on the ports configured in the nat.conf file... but I don't know how to do that step.

Helliana · ‎07-01-2012

Anyone ever figure anything out? I'm having the same problem.