Can't access VMware virtual machine through SSH


Solution 1

If you are able to ssh into the host from a remote machine, then you need to check the firewall on the host to see whether the SSH port (22) is forwarded to the VM.

There is a similar question here.

There, it is the ufw firewall, which needs to have a rule like

ufw route allow 2222/tcp to 192.168.130.128 port 22

to allow connections to the host on port 2222 and forward TCP to the VM guest at IP 192.168.130.128:22.

And this user mentioned that ufw is a frontend to iptables, so go to your frontend or edit your iptables rules in the same way.

iptables -t nat -A PREROUTING -m tcp -p tcp --dport 2222 -j DNAT --to-destination 192.168.130.128:22

The missing part

Short version: you told iptables to add a PREROUTING rule to your nat table. The missing part is:

#---------------------------------------------------------------
# After DNAT, the packets are routed via the filter table's
# FORWARD chain.
# Connections on port 22 to the target machine on the private
# network must be allowed.
#---------------------------------------------------------------
# The `\` masks the `linebreak` in the `bash command`
# You can `copy & paste` all the lines at once

# From the manual
# Changing to specific IP and Interfaces  
# being:
# `eth0` your host adapter and
# `vmnet8` your guest adapter

This is the connection into the target machine:

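# Clients connect from ephemeral source ports, so the rule matches on
# the destination only (no --sport restriction).
iptables -A FORWARD -p tcp -i eth0 -o vmnet8 -d 192.168.130.128 \
    --dport 22 -m state --state NEW -j ACCEPT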

And these are the filter rules from the host interface to your guest interface and vice versa.

iptables -A FORWARD -t filter -o eth0 -m state \
         --state NEW,ESTABLISHED,RELATED -j ACCEPT

# Later packets of the forwarded connection arrive on the host adapter (eth0).
iptables -A FORWARD -t filter -i eth0 -m state \
         --state ESTABLISHED,RELATED -j ACCEPT
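
A check for the gap this answer describes, as an added example that is not part of the original answer: it reads an `iptables-save` dump and reports every DNAT target for which the FORWARD chain has no rule accepting new connections. The sample dump is constructed, 192.168.130.129 and 192.168.130.130 are made-up addresses, and treating a rule that pins a single `--sport` as not covering is an assumption of this example (remote clients connect from ephemeral source ports).

```shell
#!/bin/sh
# Constructed sample dump (not from a real host). eth0, vmnet8 and
# 192.168.130.128 follow the answer; the .129 and .130 guests are made up.
sample_dump() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 2222 -j DNAT --to-destination 192.168.130.128:22
-A PREROUTING -p tcp -m tcp --dport 2223 -j DNAT --to-destination 192.168.130.129:22
-A PREROUTING -p tcp -m tcp --dport 2224 -j DNAT --to-destination 192.168.130.130:22
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.130.128/32 -i eth0 -o vmnet8 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A FORWARD -d 192.168.130.130/32 -i eth0 -o vmnet8 -p tcp -m tcp --sport 2224 --dport 22 -m state --state NEW -j ACCEPT
-A FORWARD -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Reads an iptables-save dump on stdin and prints, sorted, one line per
# DNAT target: "OK ip:port" or "MISSING ip:port".
check_dnat_forward() {
    awk '
    function opt(name,   i) {            # value that follows option "name"
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    /^\*/ { table = substr($0, 2); next }    # "*nat", "*filter", ...
    table == "nat" && $2 == "PREROUTING" && opt("-j") == "DNAT" {
        dnat[opt("--to-destination")] = 1
    }
    table == "filter" && $2 == "FORWARD" && opt("-j") == "ACCEPT" {
        d = opt("-d"); sub(/\/32$/, "", d)
        st = opt("--state"); sp = opt("--sport")
        if (d == "" || opt("--dport") == "") next
        if (st != "" && st !~ /NEW/) next    # must admit new connections
        if (sp != "" && sp !~ /:/) next      # assumption: one fixed source port
        allow[d ":" opt("--dport")] = 1      # does not cover ephemeral clients
    }
    END {
        for (t in dnat) { s = (t in allow) ? "OK" : "MISSING"; print s, t }
    }
    ' | sort
}

sample_dump | check_dnat_forward
```

On a live host the same function can be fed with `iptables-save | check_dnat_forward`; it only understands `-m state --state` matches and exact `-d` addresses.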

Solution 2

There are two separate networks you are dealing with here. I'll give you an example:

IP your ISP gives you = 22.24.42.44
IP of your router = 192.168.2.1
Host System IP = 192.168.2.2
IP of your VM = 10.5.5.4

This configuration is how my virtual environment's networking looks. So you actually have two networks you would have to port forward across to get public access to your VM. Think of it like your hypervisor (host system) IS a router for your VM.

I followed this how-to to set up my config, but you may have a more complex configuration. It depends on what application you want to run: RDC, Apache, SSH. There is more good information here. You'll have to give more detail than I would want to ask for on a public site for me to help with specifics. The principles are always the same -- make a localhost:<> connection to your physical system forward through VMware Server 2 to the VM port you want to access (22 for SSH).

Author by

bilal

Updated on September 18, 2022

Comments

  • bilal
    bilal over 1 year

    I have got a VMware Server 2 on a CentOS 5.6 host. I can access my virtual machines from the host machine, but I can not access it from other machines.

    I have configured NAT port forwarding. But somehow I have no access to the VM using ssh. I have checked all firewall settings and they seem right.

    What can cause this problem?

    • mbb
      mbb almost 13 years
      Hi Bilal - someone would need much more detail to answer your question. From what I understand, you have an ESX v2 box w/a Cent 5.6 VM on it? If that is the case, which firewall are you talking about - on the hypervisor (ESX box) or the VM? Where's the other system you're ssh-ing to/from? It sounds like your vSwitch needs some love, but I need more detail.
    • bilal
      bilal almost 13 years
      No, I have VMware Server 2 on CentOS 5.6, as I mentioned. I am talking about the firewall of the host machine. I have SSH access from host to VM, I have SSH access over the internet (out of network) to the host, but I have no direct access to the VM through SSH.
    • mbb
      mbb almost 13 years
      That makes more sense - thanks for the clarification
  • bilal
    bilal almost 13 years
    My configuration is exactly the same as your how-to link. I am forwarding an IP on my host, for example: 2222 to 22 of my VM in my NAT config. 2222 : xxx.xxx.xxx.xxx:22
  • bilal
    bilal almost 13 years
    By the way, I am getting "server unexpectedly closed network connection", if it gives more information.
  • mbb
    mbb almost 13 years
    can you ssh on the same subnet? From a host on the same IP range (192.168.2.x in the example above)?