Google compute network load balancing health checks are failing - load-balancing

I have debian instances with nginx on 80 port. Firewall rules allow 80 port :
Source Ranges: 0.0.0.0/0
Allowed Protocols or Ports: tcp:80
GCE health checks are failing for that instances while curl correctly returns a 200 OK response.
On those instances i have installed upstart instead of default System V init.
Could it be related?! Are there any special services that should be running on the instance to get health check working?!
Here is the instance tcpdump output showing there is no ack flags coming from load balancer (169.254.169.254 as described here) :
19:13:20.513882 IP 169.254.169.254.49291 > 130.211.125.185.80: Flags [S], seq 503850, win 8096, options [mss 1024], length 0
19:13:23.016788 IP 169.254.169.254.49291 > 130.211.125.185.80: Flags [S], seq 503850, win 8096, options [mss 1024], length 0
19:13:26.017750 IP 169.254.169.254.49291 > 130.211.125.185.80: Flags [S], seq 503850, win 8096, options [mss 1024], length 0

Since you changed the init daemon, it is very probable your problem is related to google-address-manager script not running. You can try to start the process manually or adding the ip address of the load balancer as described in Google Compute Engine health checks failing.

Related

cannot ssh to Google VM Engine

at the first day when i created the instance, i was able to SSH no problem, but after yesterday, i just couldnt connect to my instance. when i checked the console i get something like this
Nov 5 15:30:49 my-app kernel: [79738.555434] [UFW BLOCK] IN=ens4 OUT= MAC=42:01:0a:94:00:02:42:01:0a:94:00:01:08:00 SRC=71.15.27.115 DST=10.121.0.7 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=38049 PROTO=TCP SPT=37344 DPT=22 WINDOW=60720 RES=0x00 SYN URGP=0
i figured its a firewall issue, but my firewall rule seems okay (assuming i did not change anything since first i created the instance). i wonder what else could be the problem? here's my fw config
default-allow-http
http-server
IP ranges: 0.0.0.0/0
tcp:80
Allow
1000
default
default-allow-https
https-server
IP ranges: 0.0.0.0/0
tcp:443
Allow
1000
default
default-beego-http
http-server
IP ranges: 0.0.0.0/0
tcp:8080
Allow
1000
default
default-jenkins-app
http-server
IP ranges: 0.0.0.0/0
tcp:8989
Allow
1000
default
default-allow-icmp
Apply to all
IP ranges: 0.0.0.0/0
icmp
Allow
65534
default
default-allow-internal
Apply to all
IP ranges: 10.128.0.0/9
tcp:0-65535, udp:0-65535, 1 more
Allow
65534
default
default-allow-rdp
Apply to all
IP ranges: 0.0.0.0/0
tcp:3389
Allow
65534
default
default-allow-ssh
Apply to all
IP ranges: 0.0.0.0/0
tcp:22
Allow
65534
default
Looking at the output you’ve provided following your attempt to SSH into your instance, it looks like you’re being blocked by UFW (Uncomplicated Firewall) which is installed/enabled on the actual instance, rather than the GCP project wide firewall rules you have set (these look okay).
In order to SSH into your VM you will need to open port 22 in UFW on the instance. There are a couple of possible methods that will allow you to do this.
Firstly, see Google Compute Engine - alternative log in to VM instance if ssh port is disabled , specifically the answer by Adrián which explains how to open port 22 using a startup script. This method requires you to reboot your instance before the firewall rule is applied.
Another method which doesn’t require a reboot of the machine makes use of the Serial Console. However, in order to use this method a password for the VM is required. This method is therefore only possible if you previously set a password on the VM (before losing access).
To connect via the Serial Console the following metadata must be added, either to the instance you are trying to connect to, or to the entire project:
serial-port-enable=1
You can apply the metadata to a specific instance like so:
gcloud compute instances add-metadata [INSTANCE_NAME] \
--metadata=serial-port-enable=1
Or alternatively, to the entire project by running:
gcloud compute project-info add-metadata --metadata=serial-port-enable=1
After setting this metadata you can attempt to connect to the instance via the Serial Console by running the following command from the Cloud Shell:
gcloud compute connect-to-serial-port [INSTANCE_NAME]
When you have accessed the instance you will be able to manage the UFW rules. To open port 22 you can run:
sudo /usr/sbin/ufw allow 22/tcp
Once UFW port 22 is open, you should then be able to SSH into your instance from Cloud Shell or from the Console.
There is some additional info about connecting to instances via the Serial Console here:
https://cloud.google.com/compute/docs/instances/interacting-with-serial-console

cannot connect to internet from virtual machine

I am using Vmware Player to use Ubuntu 14.04 but I am unable to get any internet connection in my virtual machine even though my system is connected to the internet. The original OS in my system is Windows 7. Can anybody suggest the way out.
Found the solution by browsing through multiple threads. Compiling it here.
EDIT : Please check if your network is in bridged mode or not if you are using VMWare/ VirtualBox before following the steps below. Enabling bridge mode and restarting guest OS can resolve the issue.
First check if your network is disabled by using the following cmd in terminal:
sudo lshw -C network
If it shows disabled after the name of your adapter ( note down the logical name for later use)
*-network DISABLED
description: Ethernet interface
product: 82545EM Gigabit Ethernet Controller (Copper)
vendor: Intel Corporation
physical id: 1
bus info: pci#0000:02:01.0
logical name: ens33
All we need to do is enable the adapter, so lets get started.
open up your interfaces file by using the following cmd:
sudo gedit /etc/network/interfaces
My file had the following data written:
auto lo
iface lo loopback
But the logical name of my NIC was ens33 ( not lo), so i changed it to read the following and saved the file.
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto wlan0
iface wlan0 inet dhcp
Now time to restart the networking service.
sudo /etc/init.d/networking restart
check if network is back up, it shouldn't have that disabled tag anymore.
sudo lshw -C network
Enjoy your internet :)
If that doesn't work -> But as explained earlier change the network adaptor settings to bridged in your virtual machine settings.
If all that does not work, the best way to resolve the issue is
Restore your VM network settings
If you are using an older version download a new version (trial version would also work) - we are just updating your settings
Follow the steps:
Depending on how you are connected to the network, try either Bridged or NAT mode for the VM's network adapter. Keep in mind that you may lose connectivity from the host machine to the VM. In this case you'll need another network adapter.
In most cases NAT should work. In this case only your host machine's IP is visible to the network, and ports are allocated for the VM to communicate to the outside world. The problem is that you can't connect to the VM from the host machine if you need to. Add another adapter as I mentioned above and connect to its IP address. You will have two adapters - one for the Internet and the other for host-to-guest.
In the bridge mode the VM is visible to the outside network, so a network configuration is required that enables the VM to get an IP address and participate in the network (for example, network administrators may block unknown MAC addresses). The host machine talks with the VM as it were just a computer on the network.
Update your question with additional information if my suggestion does not work: guest OS, how your host computer is connected to the network, what the current configuration of the VM's network adapters is. Is it a home or a workplace computer?
UPDATE
So I guess if you are connected to a corporate LAN, then NAT will work while Bridge will not. To add another interface 1) add an adapter in VMWare Player; 2) Add an interface in Ubuntu. Assuming your existing interface is eth0, edit /etc/network/interfaces, adding these lines:
auto eth1
iface eth1 inet dhcp
Then restart the networking service:
sudo /etc/init.d/networking restart
UPDATE 2
Another reason for your not being able to connect to the Internet may be a proxy server. Make sure that the proxy configuration in the VM is the same as in the host machine.
CLose VM,
Go to VM Settings and Network adapters
Then click on adapter 1 and select Shared Networking NAT.
Start VM

Vagrant: can not ping guest machine from the host

I have Mac OS with installed vagrant. On guest machine I have Ubuntu 12. So, what I would like to do is ping guest machine from host.
Guest machine attached to NAT (according to VirtualBox settings)
I found only one interface on guest machine (except lo):
eth0 Link encap:Ethernet HWaddr 08:00:27:88:0c:a6
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe88:ca6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:581 errors:0 dropped:0 overruns:0 frame:0
TX packets:410 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:61376 (61.3 KB) TX bytes:51599 (51.5 KB)
The thing is that there is not ip address in 10.0.2.* network on the host. Host machine has several vboxnet interfaces, but they all don't have any ip addresses:
vboxnet0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:00
vboxnet1: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:01
vboxnet2: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:02
vboxnet3: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:03
Have you got any idea why ip address is not assigned to host machine by VirtualBox? What can I do to be able to ping gust machine?
Here is my vagrant file (I removed some commented lines which I do not use):
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# All Vagrant configuration is done here. The most common configuration
# options are documented and commented below. For a complete reference,
# please see the online documentation at vagrantup.com.
# Every Vagrant virtual environment requires a box to build off of.
config.vm.box = "hashicorp/precise64"
# The url from where the 'config.vm.box' box will be fetched if it
# doesn't already exist on the user's system.
# config.vm.box_url = "http://domain.com/path/to/above.box"
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
config.vm.network "forwarded_port", guest: 80, host: 8080
config.vm.network "forwarded_port", guest: 3306, host: 8086
config.vm.network "forwarded_port", guest: 27017, host: 27017
config.vm.synced_folder "/Users/KoulSlou/Documents/Cloudware12.10", "/vagrant", owner: "www-data", group: "www-data"
config.vm.synced_folder "/Users/KoulSlou/Documents/Cloudware/public","/cloudware", owner: "www-data", group: "www-data"
# Create a private network, which allows host-only access to the machine
# using a specific IP.
#config.vm.network "private_network", ip: "192.168.1.2"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network "public_network"
# If true, then any SSH connections made will enable agent forwarding.
# Default value: false
# config.ssh.forward_agent = true
...
end
By default (i.e. when not touching any network configurations), Vagrant configures VMs in VirtualBox to attach their first interface (eth0) to "NAT" (don't confuse it with "NAT Network" which is different option in VirtualBox).
When your VM interface is attached to NAT, the guest will get 10.0.2.15 IP. On the host side you will only see vboxnet# interface without IP. You can think about this interface as a private router for that guest.
VMs that are connected to NAT are not routable from the outside world. This is by design and that's one of the reasons why vboxnet# interface has no IP. VMs are able to access the "outside world" such as the internet and host machine but cannot be accessed from the outside world without port forwarding.
If default behaviour is not what you looking for, Vagrant provides high level abstraction of networking config:
Private network - This will create new subnet that shouldn't collide with host's subnet (or any other subnets the host might have route to). In VirtualBox this will be configured by attaching additional interface to "Host-Only".
Public network - Your VMs will get IP from the same subnet as your host. Basically this is like creating new machine on the same network as your host. In VirtualBox this will be configured by attaching additional interface to "Bridged Adapter".
More advanced networking configurations are possible by configuring networking via provider specific configuration.
Each config has it's own pros and cons and it's really depends on what you plan to achieve.
For additional info check VirtualBox's docs about networking.
I was exactly in the same case, here is a solution that worked for me.
If your vm was up, stop it with:
vagrant halt
Then go to your vagrant box, and open the VagrantFile.
Uncomment (or manually add) the following line inside of it
config.vm.network "public_network"
This will make sure that the next time you "vagrant up" your vm, it will make sure that your vm will get IP from the same subnet as your host (see #m1keil's answer for more details).
Then make your vm up again:
vagrant up
In my case it asked me which interface I should use for the network bridge, here is an excerpt of what I had:
==> default: Available bridged network interfaces:
1) en0: Ethernet
2) en1: Wi-Fi (AirPort)
==> default: When choosing an interface, it is usually the one that is
==> default: being used to connect to the internet.
default: Which interface should the network bridge to? 1
==> default: Preparing network interfaces based on configuration...
Notice that it tells you what your available interfaces are.
Type the number corresponding to the interface that you want, in my case I typed 1 (for en0: Ethernet).
And lastly, connect to your vagrant box.
In my case:
vagrant ssh
Then from the host, if you type ifconfig, you still won't be able to see the ip address of your vm, BUT, if you type ifconfig from your vm, it will give you an ip address that you can ping/access from your host.
Note: If you want to ping/access your host from your guest, be sure that your firewall is off (System>Preferences>Security). The firewall doesn't affect pings from the host to the vm though.
I'm not sure why you are seeing an IP address on the guest but you are not configuring any virtualbox networking at all given that vagrant file. You will want to uncomment the config.vm.network "private network" line and then configure the IP address.
The default setup for virtualbox is to put the host at 10.0.0.2 and expose the whole 10.0.0.0/8 range as a local address so I think anything in the 10.x.x.x range will work for the client vm.

Configure SQL Connection with jdbc - vagrant

I have a vagrant server:
postgres#precise32:/home/vagrant/teste/pg-hostname-master$ ifconfig
eth0 Link encap:Ethernet
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
eth1 Link encap:Ethernet
inet addr:33.33.33.33 Bcast:33.33.33.255 Mask:255.255.255.0
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
The port is:
name | port
setting | 5432
My question is, what is the correct data to use jdbc?
I already tried:
jdbc:postgresql://localhost:5432/test
jdbc:postgresql://33.33.33.33:5432/test
jdbc:postgresql://127.0.0.1:5432/test
None of these works.
org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Update:
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 1020/postgres
In postgresql.conf
Listen_adresses = '*'
vagrant log
C:\Users\xx>vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
[default] Clearing any previously set forwarded ports...
[default] Clearing any previously set network interfaces...
[default] Preparing network interfaces based on configuration...
[default] Forwarding ports...
[default] -- 22 => 2222 (adapter 1)
[default] Booting VM...
[default] Waiting for machine to boot. This may take a few minutes...
DL is deprecated, please use Fiddle
[default] Machine booted and ready!
[default] Configuring and enabling network interfaces...
[default] Mounting shared folders...
[default] -- /vagrant
[default] VM already provisioned. Run `vagrant provision` or use `--provision` to force it
Basically, I need to know how can I set a remote db connection between vagrant (ubuntu) and windows desktop. Both running in the same desktop.
First a disclaimer - I have used virtualbox and postgresql quite a lot, but I have not used vagrant, so advice I can give about that is limited.
From your description and the information in the comments, I think your problem is related to network connectivity between the VM and the host environment.
Virtualbox supports a few different network emulations - eg NAT, Bridged, Internal Network, Host-only. When using vagrant, vagrant will attempt to administer the VM to align to the configuration in the 'vagrantfile'.
The 'NAT' adapter uses a simulated NAT. It is a bit like having the VM on the inside of a private network with a router connecting it to the internet. You can make outgoing connections via the NAT interface but not incoming connections, unless you set up port forwarding. Your vagrant log file says this:
[default] -- 22 => 2222 (adapter 1)
indicating that port 2222 is being forwarded to port 22 on the VM (at least that is how I interpret this printout). This would allow you to connect to the VM via SSH from a client such as putty running in the windows environment. Virtualbox listens on port 22 on the loopback adaptor (127.0.0.1) in the Windows environment, forwarding any connections to the NAT adaptor in the VM.
Your ifconfig shows two ethernet adapters (aside from the loopback) - one configured for address 10.0.2.15 and the other for 33.33.33.33.
10.0.2.15 is the address used by the NAT adaptor.
33.33.33.33 seems to have been configured by the following lines in your vagrantfile:
# Create a private network, which allows host-only access to the machine
# using a specific IP.
config.vm.network :private_network, ip: "33.33.33.33"
So, this is configuring an internal network, probably using a 'host-only' adaptor in virtualbox. The problem is, I suspect that the IP address 33.33.33.33 is not valid for such a network. The default internal network in virtualbox is set up for the network 192.168.56.0/24.
Here are the steps I recommend you follow to resolve this:
Before doing anything else, double check that you can establish a connection to the postgresql server using:
su - postgres
psql -h 127.0.0.1 template1
from a shell on the VM (ie. either log in via ssh or using the VM console). This ensures that postgresql is running and accepting connections from network interfaces.
Confirm that the Virtualbox VM is configured for a host-only adaptor as 'Adaptor 2'. From the virtualbox GUI, select VM -> settings -> Network -> Adaptor 2. It should say 'Host-only adaptor'. Note the name of the adaptor.
Check the configuration of the host only network. From the Virtualbox GUI, File -> Preferences -> Network -> Host-Only Networks -> double click the named network from step 1. Note the IPv4 address and netmask. The defaults for that are 192.168.56.0 and 255.255.255.0.
You should be using a private network.
In your vagrantfile, change the ip address to one that is in the range of the network seen in step 2 - eg. 192.168.56.10. Then restart vagrant using whatever command is needed to get it to reconfigure the VM.
Confirm that you can ping the address you have used from the windows command prompt. Also that you can connect the VM using an SSH client on the windows side, using the same address.
If all of that has worked, you should be able to connect to the postgresql server using jdbc:postgresql://{ipaddr}:5432/test where {ipaddr} is the ip address you used in step 3,4.
First check that you don't have any other VMs running with the same IP. vagrant halt that machine and try to ping "33.33.33.33". It shouldn't respond. (By the way, 33.33.33.x is a public network that somebody own, you should use a private network like 192.168.33.x.)
Also some VPN software can mess up the routing. Are you running any?
The localhost addresses won't work from host, unless you set port forwarding:
Vagrant.configure("2") do |config|
config.vm.network "forwarded_port", guest: 5432, host: 5432
end

How to SSH to a VirtualBox guest externally through a host? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I have a Ubuntu VM running on my Windows 7 machine. How do I set it up so that I can access the webserver externally through SSH?
I found steps (Setup SSH access between VirtualBox Host and Guest VMs) to be able to ssh to my guest from my host, but that still leaves me with the problem of accessing it through my router.
I suppose that I could install an SSH server on my Windows machine and then tunnel a few times (though I'm not 100% sure what to use in terms of local, dynamic, etc. or how to set up multiple tunnels?), but is there a way to make the VM directly accessible to my router so I could directly port forward to it?
The best way to login to a guest Linux VirtualBox VM is port forwarding. By default, you should have one interface already which is using NAT. Then go to the Network settings and click the Port Forwarding button. Add a new Rule. As the rule name, insert "ssh". As "Host port", insert 3022. As "Guest port", insert 22. Everything else of the rule can be left blank.
or from the command line
VBoxManage modifyvm myserver --natpf1 "ssh,tcp,,3022,,22"
where 'myserver' is the name of the created VM. Check the added rules:
VBoxManage showvminfo myserver | grep 'Rule'
That's all! Please be sure you don't forget to install an SSH server in the VM:
sudo apt-get install openssh-server
To SSH into the guest VM, write:
ssh -p 3022 user#127.0.0.1
Where user is your username within the VM.
Change the adapter type in VirtualBox to bridged, and set the guest to use DHCP or set a static IP address outside of the bounds of DHCP. This will cause the Virtual Machine to act like a normal guest on your home network. You can then port forward.
Keeping the NAT adapter and adding a second host-only adapter works amazing, and is crucial for laptops (where the external network always changes).
http://muffinresearch.co.uk/archives/2010/02/08/howto-ssh-into-virtualbox-3-linux-guests/
Remember to create a host-only network in virtualbox itself (GUI -> settings -> network), otherwise you can't create the host-only interface on the guest.
You can also use a Bridged Network (or "Bridge Adapter", in newer versions) in network settings. This will put your VM in a VLAN with your machine. So you can just ssh into the VM like this.
ssh user#IP_OF_VM
How to do host-only network (better than bridged) for Solaris 10 and Ubuntu 16.04
Add Host-only interface
Virtualbox > File > Preferences > Network > Host-only Networks > Add
Shutdown vm.
VM's Settings > Network. First adapter should be Nat, second Host-only.
Start cmd.exe and run ipconfig /all. You should see lines:
Ethernet adapter VirtualBox Host-Only Network:
...
IPv4 Address. . . . . . . . . . . : 192.168.59.1
Second adapter in guest should also be in 192.168.59.*.
Start VM.
Solaris 10
Check settings ifconfig -a. You should see e1000g0 and e1000g1. We are interested in e1000g1.
ifconfig e1000g down
ifconfig e1000g 192.168.56.10 netmask 255.255.255.0 up
Check from host if this interface is reachable: ping 192.168.56.10
Preserve those settings upon reboot
# vi /etc/hostname.e1000g1
192.168.56.10 netmask 255.255.255.0
# reboot
Configure ssh service (administering) to login as root (not adviced)
Check if ssh is enabled
# svcs -a | grep ssh
online 15:29:57 svc:/network/ssh:default
Modify /etc/ssh/sshd_config so there is
PermitRootLogin yes
Restart ssh service
svcadm restart ssh
From host check it
ssh root#192.168.56.10
Ubuntu 16.04
List interfaces:
ip addr
You should see three interfaces like lo, enp0s3, enp0s8. We will use the third.
Edit /etc/network/interfaces
auto enp0s8
iface enp0s8 inet static
address 192.168.56.10
netmask 255.255.255.0
Then sudo ifup enp0s8. Check if enp0s8 got correct address. You should see your ip:
$ ip addr show enp0s8
...
inet 192.168.56.10/24 brd 192.168.56.255 scope global secondary enp0s8
If not, you may run sudo ifdown enp0s8 && sudo ifup enp0s8
https://superuser.com/questions/424083/virtualbox-host-ssh-to-guest/424115#424115
In order to ssh to a Ubuntu VM running in VirtualBox from your host machine, you need to set up two network adapters for the VM.
First of all, stop the VM if not yet.
Then select the VM and click the Settings menu in the VirtualBox toolbar:
Set up Adapter 1
Set up Adapter 2
(Note: you don't need to set up any port forwarding.)
That's it. Once set up, you can start your VM. In your VM, the network configuration will look like below and you'll have Internet access too:
Also in your host machine, you can ssh to your VM:
Be sure that the SSH server has been installed and up running in the VM.
$ ps aux | grep sshd
root 864 0.1 0.5 65512 5392 ? Ss 22:10 0:00 /usr/sbin/sshd -D
If not, install it:
$ sudo apt-get install openssh-server
Also for your information:
My VirtualBox version: 5.2.6 r120293 (Qt5.6.2), 2018
My Ubuntu version: Ubuntu 16.04.3 LTS
My host machine: Windows 10
SSH Back to Your Home / Office VirtualBox Guest Machine From The INTERNET
The answers provided by other users here : How to SSH to a VirtualBox guest externally through a host?
... helped me to accomplish the task of connecting from out on the internet to my home computer's guest machine. You should be able to connect using computers, tablets, and smart phones (android, IPhone,etc). I add a few more step in case it might be helpful to someone else:
Here is a quick diagram of my setup:
Remote device ---> INTERNET --> MODEM --> ROUTER --> HOST MACHINE --> GUEST VM
Remote device (ssh client) ---> PASS THRU DEVICES ---> GUEST VM (ssh server)
Remote device (leave ssh port 3022) ---> INTERNET --> MODEM --> ROUTER (FWD frm:p3022 to:p3022)--> HOST MACHINE (FWD frm:p3022 to:p22) --> GUEST VM (arrive ssh port 22)
The key for me was to realize that ALL connections was PASSING-THROUGH intermediary devices to get from my remote PC to my guest virtual-machine at home --Hence port forwarding!
Notes:
* Need ssh client to request a secure connection and a running ssh server to process the secure connection.
I will forward the port 3022 as used in the chosen answer from above.
Enter your IPs where needed (home modem/router, host IP, guest IP,etc.), Names chosen are just examples-use or change.
1.Create ssh tunnel to port 3022 on your modem's IP / router's external IP address.
ssh client/device possible commands: ssh -p 3022 user-name#home_external_IP
2.Port forward = we are passing thru the connection from router to host machine
Also make sure firewall /IPtable rules on router is allowing ports to be forward (open if needed)
Router's Pfwd SCREEN required entries: AppName:SSH_Fwd, Port_from: 3022, Protocol:both (UDP/TCP), IP_address:hostIP_address, Port_to:3022, everything else can be blank
DD-WRT router software resources / Info:
DD-WRT Port_Forwarding
DD-WRT Static_DHCP
3.Host Machine Firewall: open port 3022 #so forwarded port can pass thru to guest machine
Host Machine: Install VirtualBox, guest additions, and guest machine if not done already
Configure guest machine and then follow the Network section below
I used VirtualBox GUI to setup guest's network- easier than CLI
If you want to use other methods refer to : VirtualBox/manual/ch06.html#natforward
4.Some suggest using Network Bridge adapter for guest = access to LAN and other machines on your LAN. This also pose an increase security risk, because now your guest machine is now exposed to LAN machines and possibly the INTERNET hackers if firewall not setup properly. So I selected Network adapter attached to NAT for less exposure to bridged security risks.
On the guest machine do the following:
Guest Machine VirtualBox Network settings: Adapter 1: Attached to NAT
Guest Machine VirtualBox Port Forwarding Rule: Name:External_SSH, Protocol:TCP, Host Port: 3022, Guest Port 22, Host&guest IPs:leave blank
click on advance in Network section then click on Port forwarding to enter rules
Guest Machine Firewall: open port 22 #so ssh connection can enter
Guest Machine: Make sure that ssh server is installed, configured properly, and running
LINUX test to see if ssh server running w/command: sudo service ssh status
Can check netstat to see if connection made to port 22 on the guest machine
Also there are different ssh servers and clients depending on platform using.
wikipedia/Secure_Shell
wikipedia/Comparison_of_SSH_servers
wikipedia/Comparison_of_SSH_clients
For Ubuntu Users:
ubuntu community: SSHOpenSSH/Configuring
ubuntu/community: OpenSSH/Keys
That should be it. If I made a mistake or want to add anything -feel free to do so-- I am still a noob.
Hope this helps someone. Good luck!
For Windows host, you can :
In virtualbox manager:
select ctrl+G in your virtualbox manager,
then go to network pannel
add a private network
make sure that activate DHCP is NOT selected
In network management (windows)
Select the newly created virtualbox host only adapter and the physical network card
Right-Click and select "Make bridge"
Enjoy
You can also initiate a port forward TO your HOST, OR ANY OTHER SERVER, from your Guest. This is especially useful if your Guest is 'locked' or can't otherwise complete the ModifyVM option (e.g. no permission to VBoxManage).
Three minor requirements are 1) you are/can log into the VirtualBox Guest (via 'console' GUI, another Guest, etc), 2) you have an account on the VirtualBox HOST (or other Server), and 3) SSH and TCP forwarding is not blocked.
Presuming you can meet the 3 requirements, these are the steps:
On the Guest, run netstat -rn and find the Gateway address to the default route destination 0.0.0.0. Let's say it's "10.0.2.2". This 'Gateway' address is (one of) the VirtualBox Host virtual IP(s).
On the Guest, run ssh -R 2222:localhost:22 10.0.2.2 where "10.0.2.2" is the VirtualBox server's IP address -OR- any other server IP you wish to port forward to.
On the Host, run ssh 10.0.2.2 -p2222 where 10.0.2.2 is the default gateway/VBHost virtual IP found in step 1. If it is NOT the VirtualBox host you are port forwarding to, then the command is ssh localhost -p2222
Follow below steps to login to your ubuntu VM running in virtual box from the host machine using putty (Without port forwarding):
On Virtualbox manager select the vm, click on settings icon. Then go Networks and enable two adaptors as below:
Adaptor 1 (For internet access): Attached to -> NAT, Advanced -> Check the cable connected.
Adaptor 2: Attached to -> Host only adaptor, Advanced -> Check the cable connected and Promiscuous mode -> Allow all.
Start the ubuntu vm.
Login to the VM as root.
Edit the file '/etc/network/interfaces' as below and save it:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
Restart the VM.
Login to the VM and run below command to check the IP allocated to eth1:
ifconfig
Use this IP to open putty session for the VM.
A good explanation about how to configure port forwarding with NAT is found in the VirtualBox documents:
http://www.virtualbox.org/manual/ch06.html#natforward
Ubuntu 18.04 LTS
Configuration with bridged to see the server ip, and connect without "port forwarding"
VirtualBox > right click in server > settings > Network > enable adapter 2 > select "bridged" > Promiscuous mode: allow all > Check the cable connected > start server
On ubuntu server, edit sudo nano /etc/netplan/*init.yaml file,
My sample file:
network:
ethernets:
enp0s3:
addresses: []
dhcp4: true
enp0s8:
addresses: [192.168.0.200/24]
dhcp4: no
dhcp6: no
nameservers:
addresses: [8.8.8.8, 8.8.4.4]
version: 2
Commands that will help you
nano /etc/netplan/file.yaml # file to specify the rules of network
reboot now # restart ubuntu server right now
netplan apply # do after edited *.yaml, to apply changes
ifconfig -a # show interfaces with ip, netmask, broadcast, etc...
ping google.com # to see if there is internet
Configure Static IP Addresses On Ubuntu 18.04 LTS Server - with NetPlan
Simply setting the Network Setting to bridged did the trick for me.
Your IP will change when you do this. However, in my case it didn't change immediately. ifconfig returned the same ip. I rebooted the vm and boom, the ip set itself to one start with 192.* and I was immediately allowed ssh access.
On secure networks setting your network to bridge might not work. Administrators could only allow one mac address per port or even worse block the port should the switches detect multiple macs on one port.
The best solution in my opinion is to set up additional network interfaces to handle additional services you would like to run on your machines. So I have a bridge interface to allow for bridging when I take my laptop home and can SSH into it from other devices on my network as well as a host only adapter when I would like to SSH into my VM from my laptop when I am connected to the eduroam wifi network on campus.
Use NAT network adapter and Add port forward. Mention actual host ip.Do not use 127.0.0.1 or localhost.