Access Apache server running in Fedora guest VirtualBox from host

4

1

I have trouble accessing Apache server from host.

I’ve Fedora 15 VM VirtualBox installed on Windows 7. Within this VM I have Apache server running and working fine within the guest.

Not sure what else I can do to get this working.

Here is the configuration I have. Host OS IP:

   IPv4 Address. . . . . . . . . . . : 192.168.0.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.2

For VM I've two network adapters installed:

  1. NAT so that VM machine has access to Internet, it works.
  2. Host-only adapter.

Host-Only Network Details Host-Only DHCP Server

Here is the configuration on the guest:

[root@localhost network-scripts]# ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:14 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1394 (1.3 KiB)  TX bytes:1394 (1.3 KiB)

p2p1      Link encap:Ethernet  HWaddr 08:00:27:DD:DD:EA  
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fedd:ddea/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1289 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1207 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:936406 (914.4 KiB)  TX bytes:137003 (133.7 KiB)

p7p1      Link encap:Ethernet  HWaddr 08:00:27:44:A3:DB  
          inet addr:192.168.56.101  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe44:a3db/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:313 errors:0 dropped:0 overruns:0 frame:0
          TX packets:386 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:30505 (29.7 KiB)  TX bytes:44783 (43.7 KiB)

When I do ping 192.168.56.101 from the host I get proper responses, but all attempts to access web service fail. I get timeout errors.

Dima

Posted 2012-12-31T21:57:44.220

Reputation: 145

1

Based on the behavior described, it sounds like a software firewall (i.e., iptables) is running on the Fedora VM and preventing TCP/IP connections. Test this hypothesis by stopping IPTables using the init script: '/etc/init.d/iptables stop' and then attempting to hit http://192.168.56.101 in a browser on your Windows 7 host.

– esquireofoz – 2013-01-01T00:26:16.763

That did help, web server is now accessible! Thank you @esquireofoz – Dima – 2013-01-02T17:20:54.650

You're welcome. I also posted a more detailed answer so that others will be able to see this specific resolution more easily when they are searching for similar issues. – esquireofoz – 2013-01-02T23:20:26.537

Answers

2

Typically when ICMP traffic (e.g., ping) is allowed to a virtualized guest but TCP traffic (e.g., HTTP requests) is blocked, the issue is with a software firewall running on the guest OS.

Note: The command syntax syntax in this explanation is Fedora Core specific, but the general steps can be abstracted for use on other distributions of Linux.

Default installations of Fedora Core have IPTables enabled out of the box. Check the status of the IPTables service to see if it is in a 'active' state.

[root@gauss ~]# /bin/systemctl status iptables.service

Additionally, to see the currently active IPTables rules, check the status of IPTables init script.

[root@gauss ~]# /usr/libexec/iptables.init status

If there is a rule an IPTables in the INPUT chain similar to the one included below, it is responsible for blocking both TCP/IP and UDP traffic to the host.

REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

There are multiple options regarding how to enable HTTP traffic (e.g., adding an IPTables rule in the INPUT chain to explicitly accept traffic from TCP on port 80 from the hypervisor's host-only network IP 192.168.56.1, removing the universal DROP rule in the INPUT chain, etc.).

Since the guest is not facing the outside world and is on a host-only network, the easiest option is to stop IPTables and disable it so that it will not start automatically upon reboot.

[root@gauss ~]# /bin/systemctl stop  iptables.service
[root@gauss ~]# /bin/systemctl disable iptables.service

Once this has been completed, the Fedora Core guest will be able to serve HTTP requests over its public interface and the pages will be viewable on the Windows 7 hypervisor by hitting 192.168.56.101 in a browser or any other HTTP client.

esquireofoz

Posted 2012-12-31T21:57:44.220

Reputation: 163

Asked: 2012-12-31T21:57:44.220

Viewed: 2 328 times

Active: 2013-01-03T02:34:56.360