Vagrant's port forwarding not working

apache http centos portforwarding vagrant

100,169

Solution 1

I'll make this an actual answer instead of just more comments.

First thing: try curl 'http://localhost:80' from within the VM. If that doesn't work, then it's definitely not the port forwarding.

Next: try curl -v 'http://localhost:4567/' from your host machine. Curl might give you a better error message than Safari.

I'd check that there are no firewalls set up restricting access to port 80. The default Vagrant VM (Ubuntu) doesn't come with a firewall set up, but you said you're using something else, so it might be worth it to check.

If that's not it, try making something other than Apache listed on port 80. Python ships with a simple HTTP server you can use -- go to the folder with index.html and run sudo python -m SimpleHTTPServer 80, then try hitting that with curl from both boxes. If that works, then it's probably an Apache configuration issue. I don't have enough experience with Apache to help if that's the case (I use nginx).

Solution 2

I wanted to add an additional note that often this is caused by the server within the VM because it binds to 127.0.0.1, which is loopback. You'll want to make sure that the server is bound to 0.0.0.0 so that all interfaces can access it.

Some built-in app servers such as Django's development servers and some Ruby servers default to 127.0.0.1 by default so this is something to watch out for.

Other than that, what Steve said holds true: Make sure it works from within the VM and try some other simple servers to try and figure out if it is a configuration problem.

Solution 3

I had the same problem on CentOS 6.3 w/ NGINX and found the answer to be in the iptables on the vagrant box.

From bash on the vagrant box, follow these steps:

First list current iptable rules

iptables -L -v

Then flush current rules:

iptables -F

Allow SSH connections on tcp port 22

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Set default policies for INPUT, FORWARD and OUTPUT chains

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

Set access for localhost

iptables -A INPUT -i lo -j ACCEPT

Accept packets belonging to established and related connections

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Save settings

/sbin/service iptables save

List modified rules

iptables -L -v

Curl localhost:[port#] or hit it in your browser from outside vagrant

More info on CentOS iptable configs found here:

http://wiki.centos.org/HowTos/Network/IPTables

Good luck.

Solution 4

A better solution for me is disabling the firewall

service iptables stop
chkconfig iptables off

View more solutions

100,169

Hank Gay

I like to spend time with my lovely wife, our two beautiful daughters, and our dog. I'm also a fan of geek humor, and I've been known to flip out and write code… elegant code, if I'm really lucky.

Updated on December 21, 2020

Comments

Hank Gay over 3 years
I'm running into a small problem at the end of the Getting Started guide for vagrant. I'm working on a CentOS basebox that has Apache2 running (provisioning via Puppet). I've set up port forwarding for web requests using the following line in Vagrantfile:
```
 config.vm.forward_port "web", 80, 4567
```
But when I make requests to that port, they fail. The error reported by Safari is 'Safari can’t open the page “http://localhost:4567/” because the server unexpectedly dropped the connection.'

I did a vagrant reload and saw "[default] -- web: 80 => 4567 (adapter 1)" in the scroll, so where should I begin to troubleshoot this? Thanks.
- Steve Losh about 13 years
  
  What does curl -v 'http://localhost:4567/' say? Sometimes Safari is a bit too nice at hiding error messages.
- Steve Losh about 13 years
  
  Also, does curl 'http://localhost:80' from the VM itself work? If not, the problem isn't the port forwarding.
- Hank Gay about 13 years
  
  @Steve Losh curl from within the VM is working. curl from the host gives me (52) Empty reply from server.
- haudoing almost 9 years
  
  The vagrant reload help me on similar question...
- Dariux about 8 years
  
  For me the case was with symfony 3: - when run sudo php bin/console server:run which makes server running on 127.0.0.1:8000 then I cannot access from web browser, curl in virtual machine accessed. When ran sudo php -S 0.0.0.0:8000 in web directory, I could access 127.0.0.1:8082/app_dev.php . Do not understand why this happens, but works.
Hank Gay about 13 years

Basically, I suck at RedHat and iptables. I checked to make sure the default policy was ACCEPT for incoming connections, but didn't pay attention to RedHat's custom rule chain, which has a catch-all REJECT rule as the last rule in the chain. tl;dr I had a firewall in the way and just didn't notice.
Roosh almost 12 years

Thanks! That sneaky firewall rule is what caused my problems on RHEL 5.5.
Benjamin Oakes over 11 years

Thanks for writing this up. I had this same problem on Fedora 18, so it's not specific to CentOS. I hope that helps someone else. :)
Ronze over 11 years

This was the fix needed for shotgun running webrick.
Robert about 11 years

This was me on CentOS. service iptables stop
Arnaud Meuret about 11 years

I reprint Robert's comment below because it is such a trivial way to check: Run service iptables stop as root to quickly rule out a Guest firewall issue. Reenable it later if needed.
slothstronaut almost 11 years

+1 Worked for me. For using a local VirtualBox instance, I had no need for a firewall.
Bartłomiej Skwira almost 11 years

This solved the problem for me. To bind Torquebox to 0.0.0.0 run it with: torquebox run -b 0.0.0.0
GabLeRoux about 10 years

had same issue with a weird centos image; iptables was restricting almost everything. I followed this iptable centos guide (solution in section 3 Writing a Simple Rule Set) and it worked like a charm :)
CMCDragonkai about 10 years

Yep this was the problem. Need to bind to 0.0.0.0. I wonder if there's a way that Vagrant can automatically make this problem go away in the future?
pragmatic_programmer over 9 years

same problem with sinatra and webrick: "set :bind, '0.0.0.0'" solved the issue
code_monk over 9 years

iptables -F alone did it for me
sixty4bit about 9 years

this was the fix for me
Fabrizio Regini almost 9 years

This fixed the problem for me with a nodejs server, binding to 0.0.0.0 instead of 127.0.0.1.
brrystrw almost 9 years

it's a good trick if you wanna a temporary fix
Adam Kalnas over 8 years

This question helped me figure out how to perform this action with Rails - stackoverflow.com/questions/28668436/…
Joshua Fricke about 8 years

I found a solid solution to this with some exec commands listed in this blog post to solve this same issue techie-notebook.blogspot.com/2014/05/… I had to replace my path with the ${os_path} sections as I didn't have that variable available.
Vitalii Zurian over 7 years

It was my problem. Thanks!
abhirathore2006 about 7 years

for me curl was working inside so i enabled networking in Vagrantfile and ran command vagrant reload
hris.to over 5 years

I had the same issue with gatsbyjs, so I needed to run like gatsby develop -H 0.0.0.0. Then http://localhost:8000 works :)
An0nC0d3r about 5 years

Apologies for adding another useless comment.... BUT this worked for me too :D Thank you!!!