Port forwarding from Host port 80 to VirtualBox port 80 doesn't work

john206 picture john206 · Jul 9, 2012 · Viewed 37.9k times · Source

I have read VirtualBox port forwarding guide, similar questions in this site and other sites but couldn't find a solution.

UFW is enabled on Guest OS (Ubuntu), port 80 and 22 are open. I can ssh from host to ubuntu and can access ubuntu site from host browser.

On Guest, I setup Nat and hostonly (vboxnet3) adapters. Also opened router port 80 (192.168.1.90) Guest ip is 192.168.70.10

So In guest settings > Nat >port forwarding I put:

TCP host-ip: 192.168.1.90 host-port:80 guest-ip:192.168.70.10 guestost-port:80

However, this setting doesn't work. I appreciate if you direct me to the right path.

Answer

Peter picture Peter · Nov 4, 2013

As William mentioned, a linux/unix OS won't let a process listen on ports < 1024 unless they're run as root. You could run VirtualBox as root, although I've read dire warnings on doing that. It's probably horribly insecure.

Instead, set up Apache2 on the host system to listen on port 80 (it should be set up for that already), but instead of serving a website on the host machine, have it proxy traffic to some higher port - say, 8080 - on the host.

Then, have VirtualBox forward that higher port to the guest OS port 80.

The Apache setup would be something like this:

  1. Install the HTTP proxy module

    a2enmod proxy_http

  2. Make sure /etc/apache2/ports.conf has a Listen 80 directive in it

  3. Add another site in /etc/apache2/sites-available or modify the default site (or just slap this in ports.conf)

    <VirtualHost *:80>
        ProxyPreserveHost On
        ProxyRequests Off
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
    </VirtualHost>
    
  4. bounce apache

    service apache2 restart

The VirtualBox setup would be host port: 8080, guest port: 80.

Traffic would go:

client --> host:80 --> Apache --> host:8080 ---> vbox NAT ----> guest:80

This is similar to William's ssh tunnel, but doesn't require manual intervention (re-entering a password) every time the host is rebooted.