Discussion:
firewall rules of host's private_network adapter
fschwiet
2014-08-06 18:04:13 UTC
Permalink
I'm running a server with vagrant. As part of testing, I fake a 3rd
parter server on the host machine which the vagrant VM needs to communicate
with. The problem is that (on Windows at least) firewall rules are
automatically applied to the private_network adapter created on the host.
So the VM is unable to communicate with the host on the selected ports.

Is there a good way to open up the firewall on the host for the
private_network adapter? I want this project to work well cross-platform
(particularly Mac and Windows) and would prefer to avoid a manual step of
having to open up the firewall on the vagrant host.
--
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/***@public.gmane.org
For more options, visit https://groups.google.com/d/optout.
Frank Schwieterman
2014-08-06 20:10:52 UTC
Permalink
Hmm, I wanted to add some details I don't quite understand.

Background:
The host is running as 192.168.33.1.
The VM is running at 192.168.33.100.

The host is running software at 192.168.33.1:8086 that the VM needs to
access.

Weird things:
Opening a firewall rule for TCP on port 8086 didn't work, nor did
disabling the windows firewall for the 192.168.33.1 adapter. Only after
completing disabling windows firewall was the VM able to reach the server
on the host.
Post by fschwiet
I'm running a server with vagrant. As part of testing, I fake a 3rd
parter server on the host machine which the vagrant VM needs to communicate
with. The problem is that (on Windows at least) firewall rules are
automatically applied to the private_network adapter created on the host.
So the VM is unable to communicate with the host on the selected ports.
Is there a good way to open up the firewall on the host for the
private_network adapter? I want this project to work well cross-platform
(particularly Mac and Windows) and would prefer to avoid a manual step of
having to open up the firewall on the vagrant host.
--
You received this message because you are subscribed to a topic in the
Google Groups "Vagrant" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/vagrant-up/s69YHYN0KWE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/***@public.gmane.org
For more options, visit https://groups.google.com/d/optout.
Alvaro Miranda Aguilera
2014-08-06 20:49:06 UTC
Permalink
try to create a rule for the whole binary

if virtualbox, vboxsvc.exe

there are some options to authorize traffic..

is more trial and error than something can be easily implemented i am afraid
Post by Frank Schwieterman
Hmm, I wanted to add some details I don't quite understand.
The host is running as 192.168.33.1.
The VM is running at 192.168.33.100.
The host is running software at 192.168.33.1:8086 that the VM needs to
access.
Opening a firewall rule for TCP on port 8086 didn't work, nor did
disabling the windows firewall for the 192.168.33.1 adapter. Only after
completing disabling windows firewall was the VM able to reach the server
on the host.
Post by fschwiet
I'm running a server with vagrant. As part of testing, I fake a 3rd
parter server on the host machine which the vagrant VM needs to communicate
with. The problem is that (on Windows at least) firewall rules are
automatically applied to the private_network adapter created on the host.
So the VM is unable to communicate with the host on the selected ports.
Is there a good way to open up the firewall on the host for the
private_network adapter? I want this project to work well cross-platform
(particularly Mac and Windows) and would prefer to avoid a manual step of
having to open up the firewall on the vagrant host.
--
You received this message because you are subscribed to a topic in the
Google Groups "Vagrant" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/vagrant-up/s69YHYN0KWE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/***@public.gmane.org
For more options, visit https://groups.google.com/d/optout.
fschwiet
2014-08-12 17:19:48 UTC
Permalink
I don't think the firewall rule will work applied to the virtualbox
executable, though I did not try it.

What I ended up doing was reverse forwarding the port via ssh, using
vagrant ssh -- -R <targetPort>:<sourceAdapter>:<sourcePort>
Using vagrant ssh to forward ports in the reverse direction is discussed
here: http://stackoverflow.com/a/16420720/32203

thanks

On Wednesday, August 6, 2014 1:49:11 PM UTC-7, Alvaro Miranda Aguilera
Post by Alvaro Miranda Aguilera
try to create a rule for the whole binary
if virtualbox, vboxsvc.exe
there are some options to authorize traffic..
is more trial and error than something can be easily implemented i am afraid
Post by Frank Schwieterman
Hmm, I wanted to add some details I don't quite understand.
The host is running as 192.168.33.1.
The VM is running at 192.168.33.100.
The host is running software at 192.168.33.1:8086 that the VM needs to
access.
Opening a firewall rule for TCP on port 8086 didn't work, nor did
disabling the windows firewall for the 192.168.33.1 adapter. Only after
completing disabling windows firewall was the VM able to reach the server
on the host.
Post by fschwiet
I'm running a server with vagrant. As part of testing, I fake a 3rd
parter server on the host machine which the vagrant VM needs to communicate
with. The problem is that (on Windows at least) firewall rules are
automatically applied to the private_network adapter created on the host.
So the VM is unable to communicate with the host on the selected ports.
Is there a good way to open up the firewall on the host for the
private_network adapter? I want this project to work well cross-platform
(particularly Mac and Windows) and would prefer to avoid a manual step of
having to open up the firewall on the vagrant host.
--
You received this message because you are subscribed to a topic in the
Google Groups "Vagrant" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/vagrant-up/s69YHYN0KWE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/***@public.gmane.org
For more options, visit https://groups.google.com/d/optout.
Loading...