From: Michael Powell
To: freebsd-questions@freebsd.org
Date: Thu, 14 Apr 2011 16:37:40 -0400
Subject: Re: Remote access to Freebsd server
References: <4DA71157.4090109@my.gd>

Damien Fleuriot wrote:

>
>
> On 4/13/11 6:40 PM, Michael J. Kearney wrote:
[snip]
>>
>> Hi, I am new to the Linux environment.

FreeBSD is *NOT* Linux!

>> I am trying to build a virtual
>> Freebsd server to run another virtual device (a Juniper router). I have
>> found that after building the base operating system that I cannot
>> remotely access the virtual Freebsd server. I have tried using both Qemu
>> and VMware with the same result. It looks to me as though the server has
>> a default setting that allows it to contact other devices (e.g., I can
>> ping, ftp, telnet, etc., other devices from my Freebsd server) but I
>> cannot ping, ftp, telnet into the Freebsd server from my host PC. My
>> host is a Windows 7 desktop, but I have tried pinging from another
>> virtual device and cannot get a response from the Freebsd server. I do
>> not believe that the issue is my Windows 7 PC.
>>
>> I have tried the newest Disk 1 ISO image of Freebsd, 8.2, but I've also
>> tried a few other images with the same result.
>>
>> I have combed through the documentation, tried configuring the firewall
>> using the "open" template, tried to disable the packet filter in rc.conf
>> (pf_enable="NO"), to no avail. I cannot reach the Freebsd server no
>> matter what I have tried, and I feel I have exhausted my options. The
>> ports are open and responsive on the virtual server itself, but access
>> seems to be blocked to the Freebsd server.
>>
>> I am hoping you can tell me how to change the default settings on the
>> Freebsd server to allow access from my Windows 7 host PC. Hopefully it
>> does not involve manually rebuilding the kernel!
>>
[snip]
>
>
> This has nothing to do with firewalling.
>
> He's very likely using NAT on his virtual machine.
>
> So outgoing connections work just fine: NAT from the guest through the
> host.
>
> But inbound connections fail, and rightly so: NO NAT *to* the guest
> through the host.

I use VirtualBox these days, but if memory serves it is very much like VMware in this regard. The OP needs to understand that the default install provides a NAT and a DHCP for the guest VM so it can be brought up automagically. I know in the VirtualBox documentation it is clearly explained about how incoming connections are not passed through this NAT.

There are typically 3 networking configurations available: the default as described above, bridged, and host-only. Host-only does exactly what it sounds like - only the host machine and guest may communicate with each other.

Bridged networking is what you want to set up if you want your VM to be totally available to your outside network. Hint: the "bridge" is not on the VM guest OS side, but rather the bridge would connect your Windows 7 host's NIC to the VM. A bridged config replaces the default install NAT.

I haven't used VMware for a while now, but in VirtualBox you can use the VBoxManage command line to enable port forwards in the default install's NAT. This is OK if you only want to make a small number of services available, like let's say only a web server on port 80. But you'll want a bridged config if you want the entire VM visible.

-Mike
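
The VBoxManage port forwards mentioned in the reply above, as an added example that is not part of the original message: a POSIX shell helper that validates a forward and prints the `VBoxManage modifyvm ... --natpf1` command for review. The VM name `freebsd-guest`, the rule names and the host ports 2222 and 8080 are assumptions; the host IP defaults to 127.0.0.1 so the forwarded service is reachable from the host only rather than from the whole LAN.

```shell
#!/bin/sh
# Added example: print VBoxManage commands for NAT port forwards.
# VM_NAME is a hypothetical VM name; substitute your own.
VM_NAME="${VM_NAME:-freebsd-guest}"

# Succeeds only for a decimal port number in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# natpf_rule NAME PROTO HOSTPORT GUESTPORT [HOSTIP]
# Prints a rule in VirtualBox's format:
#   name,proto,hostip,hostport,guestip,guestport
# HOSTIP defaults to 127.0.0.1 so only the host itself can reach the forward;
# an empty host IP would make VirtualBox listen on every host interface.
natpf_rule() {
    name=$1 proto=$2 hport=$3 gport=$4 hip=${5:-127.0.0.1}
    case "$name" in
        ''|*,*) echo "rule name must be non-empty, without commas" >&2; return 1 ;;
    esac
    case "$proto" in
        tcp|udp) ;;
        *) echo "protocol must be tcp or udp" >&2; return 1 ;;
    esac
    valid_port "$hport" || { echo "bad host port: $hport" >&2; return 1; }
    valid_port "$gport" || { echo "bad guest port: $gport" >&2; return 1; }
    printf '%s,%s,%s,%s,,%s\n' "$name" "$proto" "$hip" "$hport" "$gport"
}

# forward_cmd: same arguments as natpf_rule; prints the command for review
# instead of running it.
forward_cmd() {
    rule=$(natpf_rule "$@") || return 1
    printf 'VBoxManage modifyvm "%s" --natpf1 "%s"\n' "$VM_NAME" "$rule"
}

# Dry run: host 2222 -> guest sshd on 22, host 8080 -> guest web server on 80.
forward_cmd guestssh tcp 2222 22
forward_cmd guestweb tcp 8080 80
```

`VBoxManage modifyvm` changes the settings of a powered-off VM, so run the printed commands before starting the guest.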