I'm running OS X Sierra in VMWare Player on top of Linux Mint 18. I can ping Linux but it won't connect to my server through the browser. I have a separate machine with a test server set up on the same local network. I can reach that one via the browser but not the server on the host. I am trying to connect using IPv4 if that's relevant.
I have tried using 'Bridged', 'NAT' and 'Host Only' to no avail.
Is there some sort of Mac firewall keeping me from connecting with the host?
Any ideas of how to fix?
Edit:
A partial fix from this answer...
I can specify an IP address to the server in the source code (node) but this is obviously sub optimal as the IP addresses are dynamically assigned. This works. I can view it in the guest browser but I have to manually specify the IP address on both ends. How do I get the guest to see the 'localhost' of the host? Essentially I don't want to have to look up my IP address every time I reconnect to my network and change the code to suit.
Edit:
I have another VM guest with Windows 10 running in it with the same issue so it is at least not Mac specific. It is probably something directly related to VMWare.
If you use Bridged network type for the VM.
Try temporary disable local VM OS X firewall:
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate=off
Temorary disable local server firewall rules:
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
List if IP address of the VM On OS X used same network as your server:
ifconfig
List local server IP address used, it should be from same network as VM IP:
ifconfig
If all firewall rules disabled and both machines (VM OS X and local server) from the same subnet then you should able to ping VM IP address from local server. If addresses from different subnets then use statically assigned IP in the VM OS X or change DHCP assign into your router (that assign IPs if any), you can check MAC address of VM network interface and set it to assign right IP address in the router if any and possible there.
Related
I got a notification from my kaspersky antivirus on my windows 10 (which is always on)
Apparently, there was a port scan and it was blocked.
User: NT AUTHORITY\SYSTEM
User type: System user
Component: Network Attack Blocker
Result description: Blocked
Name: Scan.Generic.PortScan.TCP
Object: TCP from 104.152.52.xxx at 192.168.0.10:1701
Additional: 192.168.0.10
Databases release date: Yesterday, 1/19/2022 12:34:00 PM
192.168.0.10 is a virtual machine running debian; I have UFW on this debian and port 1701 is not in any UFW rules. (so it's not allowed)
I have done a grep on the ports of the debian VM using: sudo netstat -tulpn | grep 1701 Found nothing
I assume the port scan has been done on all the machines in my network?
How can I find out where the scan comes from?
What are the consequences? What should I do next?
So from what i understand of what you published, 104.152.52.xxx made a scan. What's odd is how could he effectively reach your machine at 192.168.0.10, so i believe you have port forwarding enabled on your router. *-{see edit}
I also assume that the IP address of your VM is bind directly to your home network 192.168.0.0\24 (and not in a sub network on Windows 10). So your router should be accessible at 192.168.0.1 (or 192.168.0.254 sometimes)
Consequences of a scan ?
most likely, none, except if you have some port opens, kaspersky blocked the 1701, but probably other ports have been scanned. So verify the configuration of your router
Is it normal ?
Yes. Every device accessible from internet is constantly scanned. Always.
What to do next ?
Make sure no port-forwarding is enabled on your router
If port forwarding is enable, and needed. Make sure the software behind it is secured and up to date. if you have a password access, the password should be strong. If you have an SSH server, deactivate the authentication by password and activate the authentication by public key.
== EDIT ==
Other possibility than port forwarding and seems to be the answer:
If the VM is in a DMZ, then all unassigned ports on the router may be (depends on the router) redirected to the VM, therefore, a scan on the public ip address, would result on a scan on the VM.
I installed a vbox in ubuntu 18.04, and used bridged network by adding parameters:
--bridgeadapter2 eno1 --nicpromisc2 allow-all
Everything goes fine, vm can ping outside, and host can ping vm, but outside can not ping vm:
(outside in the same subnet can ping vm, for example: 10.124.214.x can ping vm)
# 10.124.214.116 is vm, 10.124.214.4 is host, 10.124.12.103 is outside IP
# From host to vm
traceroute 10.124.214.116
traceroute to 10.124.214.116 (10.124.214.116), 30 hops max, 60 byte packets
1 10.124.214.116 (10.124.214.116) 0.232 ms 0.197 ms 0.191 ms
# From vm to outside
ping 10.124.12.103
PING 10.124.12.103 (10.124.12.103) 56(84) bytes of data.
64 bytes from 10.124.12.103: icmp_seq=1 ttl=63 time=1.38 ms
The tricky thing is vbox interface does not like normal linux tun/tap interface, I can see interface in VM, but there is nothing I can operate from host, and there is no bridge on the host.
Is there any API I can trouble shooting vbox?
Cheers code farmer
You are right about bridge. Thing here is that your VM is currently behind NAT created by virtual box (see different subnets you mentioned)
What you can do here is to create new bridge on host machine (good instructions HERE)
Using this setup you will have to change networking setting slightly:
VM Host
+-----------------------------------------------------------------+
| -> VM A (10.124.214.5/24) |
Outside network (10.124.214.0/24) -> | eno1 (no IP) -> br0 (10.124.214.4/24) -> VM B (10.124.214.6/24) |
| -> VM C (10.124.214.7/24) |
+-----------------------------------------------------------------+
Then you can assign your VM to br0. Depends on your outside network setting you might need to set static IP to your VM
Finally, I got the root cause:
There are two interfaces in my VM:
First one is NAT, second one is bridge. By default, vbox set the NAT interface as the default route, when I send out packets, it use NAT interface. But HOST and VM are in the same subnet, when connect to HOST, it use the bridge interface. When I need to access this bridged interface from outside, I need to add another entry of default route by ip route command:
sudo ip route add default via 10.124.214.116
Hi,
The following is the result of netstat -a -o -n on my windows ec2 instance.
I see that port 80 is being used by different processes in both physical and foreign address. Does this mean that the NAT is not resolving the private and public IP address of the EC2 instance properly ?
What should I do to fix it ? On the private IP, port 80 is occupied by the node server while a chrome transaction is occupying port 80 on the foreign address.
Thanks.
Try setting DHCP Option set.
I had a problem with it. Windows Domains Machines were not resolved. At Windows networks, with AD, you must fill your domain at DHCP Option.
Look at http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html
I changed the IP address of my linux machine so that I can communicate with a device. I modified the IP address in the ifconfig-eth0 file to the necessary IP address (IPADDR=192.XXX.X.XXX). I can successfully communicate with my device, but when I rewire my computer to the internet, I cannot connect.
I tried to change the IP address in ifconfig-eth0 back to what google told me my IP address is (130.XXX.XX.XXX), and ran
service network restart
But I am still unable to connect. Any ideas?
I solved the problem by configuring /etc/sysconfig/network-scripts/ifcfg-eth0 (as root) to contain only the following:
DEVICE="eth0"
BOOTPROTO="dchp"
ONBOOT="yes"
Upon restarting the machine, a new IP address was obtained and I was able to connect to the internet.
I have my beaglebone black running stock Angstrom Linux and is connected to ethernet at my home. I can login from any PC connected to my home network using SSH. I would like to know how can I login from another network, say I am at my office and I am connected to internet. I want to login into my beaglebone black which is connected to internet at my Home. How can I do this?
Thanks in Advance
You have a public IP address, that is given to you by your Internet operator. This public IP however will be different than the IP of your Beagle in your local network.
To login to your Beagle from the Internet, you need to connect to your public IP address, and need to add port forwarding to your router, so that port 22, which is the socket port that is used by ssh, is forwarded from your public IP to your local IP.
So, you need to login to your router management console, and go to "port forwarding" options, and select to forward TCP/IP connections to port 22 be forwarded to your Beagle IP. For this to work longer term, you should set static IP address to your Beagle, otherwise if your board stays offline for long time, the DHCP server on your router will probably assign different IP at some point, and the forwarding would need to be setup again.
There is a good guide on the static IP address setting in Beagle/Angstrom here: http://derekmolloy.ie/set-ip-address-to-be-static-on-the-beaglebone-black/
One more thing: Since your operator will also assign different public IP for you from time to time, you might want to have some kind of Dynamic DNS service in use. With this kind of service, you can create your "custom" DNS address (for example user3180454.no-ip.com), that will always point to your Public IP address to which you can create ssh connection (the service will require some method to keep this IP address up to date, you will see instructions on how to do it from the service you use).
Couple services like this:
http://no-ip.com/
http://freedns.afraid.org/
You might also want to try out the Weaved connection service installer for BeagleBone Black. I'm using it to connect:
SSH on port 22
BBB web server on port 80
tightVNC server on port 5901
Shell in a Box on port 4200
Apache web server on port 8080
See:
https://developer.weaved.com/portal/members/betabeagle.php
If you are:
Connecting to from a BeagleBoard via USB Ethernet
from Mac Air running Mavericks & connected to web via Wifi
I found this very helpful:
http://makezine.com/2012/07/16/use-your-mac-laptop-as-a-wireless-proxy-for-raspberry-pi/
In short >> install/run a proxy server (with Squidman) & your life will be easier.
I know this is an old question. But I thought I'd suggest another option. I use TeamViewer (https://www.teamviewer.com) to connect to my work/home computers. You could use something like this to connect to your home computer from the office. Once connected to your home computer, you could then do whatever you need to do on your home network. No port forwarding required.