Tombuntu

Configure Port Forwarding to a VirtualBox Guest OS

Running a server as a guest in a VirtualBox virtual machine isn’t much good when you can’t network with the guest OS from your host machine. Instead of setting up host interface networking, you can simply port forward though VirtualBox’s NAT. Once port forwarding is set up, any computer on your network will be able to network with your guest OS though forwarded ports on your host.

[update] The latest version of VirtualBox makes host interface networking simpler than this, so this post is not as useful now.

VirtualBox’s GUI doesn’t expose this functionality, but the VBoxManage command line utility does. Before starting, remember to close your virtual machine before changing it’s configuration.

You need five pieces of information:

These three terminal commands are used to set up the port forward (replace GuestName, DescriptiveName, HostPort, GuestPort, and Protocol with your information):

VBoxManage setextradata GuestName "VBoxInternal/Devices/pcnet/0/LUN#0/Config/DescriptiveName/HostPort" HostPort
VBoxManage setextradata GuestName "VBoxInternal/Devices/pcnet/0/LUN#0/Config/DescriptiveName/GuestPort" GuestPort
VBoxManage setextradata GuestName "VBoxInternal/Devices/pcnet/0/LUN#0/Config/DescriptiveName/Protocol" Protocol

For example, to forward SSH traffic from “Ubuntu Intrepid” on port 22 to port 2222 on the host:

VBoxManage setextradata Ubuntu\ Intrepid "VBoxInternal/Devices/pcnet/0/LUN#0/Config/SSH/HostPort" 2222
VBoxManage setextradata Ubuntu\ Intrepid "VBoxInternal/Devices/pcnet/0/LUN#0/Config/SSH/GuestPort" 22
VBoxManage setextradata Ubuntu\ Intrepid "VBoxInternal/Devices/pcnet/0/LUN#0/Config/SSH/Protocol" TCP

In this case, you could now connect via SSH to the guest though port 2222 on the host:

ssh -p 2222 localhost

The guest is available from other machines on the network as well though the same port at the host’s IP address (if your firewall allows it).

You can set up as many port forwards as you wish, just keep changing your DescriptiveName value. To remove a port forward, repeat the same three commands again, but without the values:

VBoxManage setextradata Ubuntu\ Intrepid "VBoxInternal/Devices/pcnet/0/LUN#0/Config/SSH/HostPort"
VBoxManage setextradata Ubuntu\ Intrepid "VBoxInternal/Devices/pcnet/0/LUN#0/Config/SSH/GuestPort"
VBoxManage setextradata Ubuntu\ Intrepid "VBoxInternal/Devices/pcnet/0/LUN#0/Config/SSH/Protocol"

You can view the configuration for a virtual machine, including port forwards, with this command (replace GuestName with your information):

VBoxManage getextradata GuestName enumerate

One restriction you should be aware of is that you can’t use a host port lower than 1024 without running VirtualBox with escalated privilages.

Extra note: You can always access your host from inside your guest using the IP address 10.0.2.2 if you need to do the reverse of this.

Archived Comments

Derek Buranen

VirtualBox 2.1.0 is out now and it brought easy host networking. Just pick it. No tap/tun stuff to deal with. No broken NetworkManager. It’s easy bridged networking!

Tony

Excellent tip! Fortunately, though, I’ve been able to find good native-linux replacements for all my old Windows P2P apps…

markba

For taking care of the tedious, manual configuration, I created VBoxTool which is capable of setting everything which is needed for port forwarding, based on a single configuration file. See http://vboxtool.sourceforge.net/ for more details.

Michael B

I still can’t get this to work right. I’m on Vista 64 bit, running Ubuntu 9.04 in a VM. the port forwarding is all there but it won’t connect. Checked the windows firewall too.
I wish they would document the VBoxManage thing better. For some reason I had to use VBoxInternal/Devices/e1000/0/Config/ssh/HostPort instead of what you had (notice the e1000 and 0 instead of LUN#0).

Alzaf

I have Ubuntu 8.04 as both host and guest. The only way I could get ssh working is installing openssh-server on both guest and host.

I also managed to get an apache web server working on guest and could communicate with host.

To get this working enter the following commands:

VBoxManage setextradata “VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/HostPort” 8080
VBoxManage setextradata “VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/GuestPort” 80
VBoxManage setextradata “VBoxInternal/Devices/pcnet/0/LUN#0/Config/apache/Protocol” TCP

Once the apache server is setup on guest, enter the following commands to open ports on iptables

sudo iptables -A INPUT -p tcp –dport 80 -j ACCEPT
sudo iptables -A OUTPUT -p tcp –dport 80 -j ACCEPT

To view the web server on host, enter the following command:

firefox “http://localhost:8080”

Beau Scott

Excellent post.

This obviously is for host port forwarding, but is there an internal mechanism to VBox that would allow guest port forwarding. In my particular case, I run an app server on my host machine, and then use VMs to replay automated test scripts against that appserver. Accessing the app server (host:8080) is easy and doesn’t require forwarding, but the automated playback tool also runs on the host machine. The clients are executed in the vm and don’t allow host address overriding (hard coded to localhost:XXXX). Is there a way that I can generically instruct the guest vm to forward (guest) localhost:XXXX to host:XXXX thru virtual box, or is that really up to the operating systems of the guests?

Karl

If you’re using this, make sure you’re using the PCNET adapter, otherwise, your VM won’t start. The commands given are for the PCNET adapter

Matteius

I tried this approach to get some service connectivity between my host and guest when my host is connected to a VPN that requires all network traffic be routed through the VPN. There is a major flaw that it seems impossible to get at your guest VBox when connected to such a VPN.

Respond via email