External users are unable to access nginx web server on VirtualBox
Issue
I can only access my nginx web server internally. The web server is hosted on my virtual machine. The outside world can not access it. By internally I mean within my virtual machine and the host machine, but not from an external device, e.g. my smartphone which is not connected to wi-fi. I have configured the virtual machine network settings to use Bridges Adapter, and I have configured port forwarding in my router (see images below). I can access the webserver on the host machine using both the external- and internal IP. Router has been restarted after configuration.
Goal
I want the outside world to be able to access my webserver.
Specifications
Host OS: Windows 10
Virtualization software: VirtualBox (Ubuntu Desktop 20.04.3 LTS)
Web server on VM: Nginx
VirtualBox Network configuration:
Attached to: Bridged Adapter
Name: Intel(R) 82579V Gigabit Network Connection
Adapter Type: Intel PRO/1000 MT Desktop (82540EM)
Promiscuous Mode: Allow All
All Name options:
Intel(R) 82579V Gigabit Network Connection
VirtualBox Host-Only Ethernet Adapter
VirtualBox Host-Only Ethernet Adapter 2
Network interfaces
Router - Port forwarding
Status: ON | TCP | Port: 80 | External Host: <ip from checkmyip.com> | Internal Host: 192.168.0.100
ipconfig from virtual machine
mtu 1500
inet 192.168.0.100 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::1070:8c81:f616:2b84 prefixlen 64 scopeid 0x20<link>
inet6 fdaa:bbcc:ddee:0:7c85:b26e:a007:cfd5 prefixlen 128 scopeid 0x0<global>
ether 08:00:27:c5:6f:79 txqueuelen 1000 (Ethernet)
RX packets 400 bytes 320675 (320.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 292 bytes 42926 (42.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 173 bytes 15040 (15.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 173 bytes 15040 (15.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
nginx configuration
...
server {
listen 80;
server_name 192.168.0.100;
}
...
Thanks!
Solution 1:
Defining the source IP (External Host) in a port forwarding rule limits the access to that IP address only. Consequently port forwarding rule
Status: ON | TCP | Port: 80 | External Host: <ip from checkmyip.com> | Internal Host: 192.168.0.100
translates to
Forward all packets with source IP <MyOwnIPAddr> and port 80 to 192.168.0.100
Port forwarding rules are created on the firewall, and since it'll never receive new connections originating from its own IP address, it'll block them. How the source IP should be configured depends on the solution and I'd expect to find it in the firewall's documentation, but leaving it blank often works. If not one of these might:
- 0.0.0.0
- 0.0.0.0/0
- 0.0.0.0 255.255.255.255
All of these are used in routing to refer to unknown / undefined IP address.