Connection refused from outside Vagrant box with private network

nginx centos vagrant

I've set up CentOS 6 on a vagrant box with a private network IP. I can ssh into the box using the IP, so that is working. However, I get a Connection refused on port 80 when curl'ing it. There's a very basic nginx serving up its default welcome page inside. Curling it from inside the box works.

Vagrant.configure("2") do |config|
  config.vm.box = "Centos-6.3-minimal"
  config.vm.box_url = "https://dl.dropbox.com/u/7225008/Vagrant/CentOS-6.3-x86_64-minimal.box"

  config.vm.network :private_network, ip: "192.168.33.44"
  config.vm.hostname = "local.example.com"

  config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--memory", "2048"]
  end
end

Here are some things I have tried:

  • Changing to port forwarding 80 -> 8080. Curling on localhost:8080 just hangs there.
  • Trying another IP address. No difference.
  • Opening a python -m SimpleHTTPServer on the server that is known to listen on 0.0.0.0. Still getting Connection refused.

These things are known to work:

  • SSHing in to the server using the given private network IP works.
  • Curling from inside the box works.
  • The same setup works on a real server.

I've got Guest Additions installed, but their versions are different on guest and host. That might be the problem. But then why does SSH work, and not port 80? This is the output when I do vagrant reload: https://gist.github.com/magnars/496e553f07ad5c770c54

Update

While this does not work:

config.vm.network :forwarded_port, guest: 80, host: 8080

This does:

ssh -f [email protected] -L 8080:127.0.0.1:80 -N

Any ideas?


Although there are many things that could be wrong, the first one to check is the firewall inside the guest: it could be as simple as it having a rule for port 22 but not port 80.


Same problem solved by disable the firewall in guest host

sudo service iptables stop
sudo service ip6tables stop

And you can use iptables --list to check

[vagrant@c6401 ~]$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Related

SSH freezes when idle for a time
Can Vagrant point to a directory of Puppet manifests for execution?
Postfix: Recipient address rejected: User unknown in local recipient table, even though recipient domain is an external domain
WSSTRACING.EXE High CPU
Haproxy: reject traffic by user agent from file
How do I use SSL with Amazon S3 CNAME masked buckets?
How to fix Image Swapping Issue in iOS 8 with keep-alive + HTTP Pipe-lining?
AWS DynamoDB Cost efficiency
Job control: How to kill a sudo job using the job id
How to include multiple spf domains with different mechanisms in a single spf TXT Record [duplicate]
Detecting Kubernetes OOMKilled Events in GKE Logs
Does Nginx compress files for every request? (with gzip_on)