Port forwarding is the best way to allow external users to the internal network in the networking technology. And the port forwarding in the VMware workstation is not so different.
Instead of allowing the external users on the internet, the VMware workstation allows external users on the local network to the specific port you mentioned on the Virtual machine.
You can spin up Virtual machines in the VMware workstation. It doesn’t matter which version of the VMware workstation you are running, be it 15/16/17 or even lower, enable certain services on it, and make it available for the local users using the port forwarding option.
For example, you can run an FTP server as VM and provide that FTP service for the local users. You can even go a step further and run a web server on the VMware workstation pro and make it available for internet users as well.
However, that requires another port forwarding configuration again on edge router/firewall in your LAN as well. You have to be a little careful when allowing external users to the internal network though, but that we covered in a seperate articles as shown below.
How to Configure PfSense Port Forwarding?
Port Forwarding in Router – How to Configure?
How to Configure FortiGate Port Forwarding?
Port Forwarding Not Working? – How to Troubleshoot?
The point here is the port forwarding in VMware workstation is a great feature if you wanted to provide access to certain services in your VM to your LAN network.
Read also,
How to Configure Different Network Types in VMware Workstations?
How to Configure VirtualBox Network Settings ?
How to FIx VMware Bridged Network Not Working in Windows?
In one of the blog posts, we covered how we can configure port forwarding in Virtualbox, and in this blog, we will configure port forwarding in a VMware workstation pro.
Objective :
I have two machines running in my environment, one is Linux mint, and the other is Ubuntu. And both are configured with ssh service on Linux mint it is port 22, and in Ubuntu, it is port 2222. Ubuntu machine also acts as a web server with https service on port 443. We will configure port forwarding on the VMware workstation so that the local users can ssh into the VM and access the internal webpages over port 443.
Prerequisite.
- VMware workstation pro – Any version will work, and I am using VMware workstation 16, and I tested this on older versions such as 12, 13, and 15.
- Virtual machine with some ports enabled.
How do I port forward a VM in a VMware workstation?
There are multiple network adapters in the VMware workstation, such as Bridged networking, host-only adapter, and finally NAT adapter. The port forwarding is only available in the NAT network configuration in the VMware workstation. If you try to select any other adapters, you won’t see the port forwarding functionality.
To allow port forwarding, first, you have VM running with specific services, such as ssh. Then you go to the Vmware workstation network setting and edit the NAT settings to add the port forwarding configuration to allow a port from your local network to the Virtual machine network.
You must make sure that the host machine port number does not conflict with the port you want to access on the Virtual machine.
For example, I have ssh enabled on my host, and if I try to allow the port forwarding for the VM on the default ssh port. The request would forward directly to the host machine as it listened on the same port instead of the VM. We will also see how we can overcome that as well.
We will explain in more detail with a lab.
Steps to enable the port forwarding in VMware workstation.
Connect to the NAT network to the VM.
I have both Linux mint and the Ubuntu machine running and I will change its network settings to the NAT network.
To change the network adapter, Right-click on the VM’s and click on Settings.
Select the network adapter and choose NAT and click on OK.
These settings will add the virtual machine to the NAT network, the VMnet 8 adapter on the Vmware workstation.
After the virtual machines are connected to the NAT network, both the VM’s would receive an address from the VMware NAT DHCP service. Now, the VM’s can speak to each other and also to the host machine. However, the host or any other device on the local network cannot initiate the communication with the virtual machine directly; hence, we will allow the port forwarding for the VM’s.
My VM’s got the following IP addresses.
Ubuntu – 192.168.127.132
Linux Mint –192.168.127.128
See the below output. The Ubuntu VM can speak to the Linux mint and also to the host machine on 192.168.0.4. It can even go out to the internet.
It means NAT network is working as expected.
Validate the services are running.
To test the port forwarding, we need to have VM with some services enabled. We are going to test the port forwarding with SSH and https mainly. So let’s check the services on the VM’s that we have.
On my Linux mint, I have SSH services installed and running on the default SSH port 22.
To check the ssh status on the Linux mint you either type service ssh status or systemctl status service.
As you can see, the service is active and it is now listening to port number 22. You can learn more about the ssh configuration on Linux mint here.
Whereas on the Ubuntu machine, it is slightly different, it is listening on the port 2222 on the same SSH service.
You can use the same command we used on the Linux mint to check the SSH service status on Ubuntu machine as well.
The ubuntu machine is also running with the webserver for port http and https.
I can access the HTTPS service by typing its IP address in the firefox address bar and verified that the HTTPS service is working.
Validate if your host machine is enabled for the SSH service.
After you enable the ssh port forwarding on the VMware workstation, you can access the port from the host machine by using ssh username@<hostIP>
Did you see that I mentioned the host IP instead of a Virtual Machine IP? If your host machine is also enabled with the ssh service, the request will not forward to the VM.
To validate that, you can test the SSH access to your host machine.
Since I am running windows 10 as the host machine and I have not enabled SSH access in it, my host machine will not allow me in with the SSH access. As you can see below, the SSH access is refused.
C:\Users\saifudhe>ssh [email protected]
ssh: connect to host 192.168.0.10 port 22: Connection refused
However, if you are using a Linux machine as the host, you will most likely have ssh access enabled. At that point, you need to use a different port for ssh access to the VM. We will look into that later part.
Since my machine is not using port number 22 I can use the default one.
Configure port forwarding for ssh in VMware
To configure the port forwarding, go back to the VMware workstation. And click on Virtual Network Editor…
After few seconds, the virtual network adapter setting window would pop up. By default, all the options will be grayed out, and you need to click on Change settings.
Note: On windows, if you do not have administrator privileges, you won’t be able to make any changes here.
After you click on the Change settings, you will see all the options available to modify. From the Network adapters list, choose VMnet8, the NAT adapter, and click on NAT settings.
The NAT settings window will open now. Here you will see the port forwarding configuration for the VMware workstation. Click Add under port forwarding.
Fill in the port forwarding configuration.
Add the host port as 22
Type: TCP
Virtual machine IP address: 192.168.127.128, this is our Linux mint VM IP address.
Virtual machine Port 22.
Add a user-friendly description, and then click on OK.
Click on OK on the NAT configuration settings as well.
Now you should be able to access the Linux mint machine from your local machine.
Verify the SSH access in VMware port forwarding.
To ssh into the Linux mint, you can use the command ssh username@<host IP> and hit enter.
My username is Saif and my host IP address is 192.168.0.10; hence I can access the machine with the below command.
After I entered the password, I am now able to log in to the machine. Though we did ssh into the host machine, you can notice the IP address of the VM says 192.168.127.128.
Now you know why you should check if the host machine is currently using the default ssh port or not. The port forwarding will not work, when the host machine also using the same port. Instead of forwarding the request to the VM, the request will go to the host machine itself.
What if your host machine uses the default port and you want to ssh into the VM again?
We can still work around a way to access the VM if your host machine still uses the default SSH port number. Let us go ahead and do that now.
Go to the settings— > Virtual adapter settings –> Change Settings.
Choose NAT adapter and click on NAT settings.
Here you can see the previously added port forwarding policy. You may click on properties to edit the existing policy or remove them.
As I have to make changes to the port number, I can edit the existing settings.
Instead of using the default port 22 on the host port, I choose the custom port 2221 and then click on OK.
And click on OK on the NAT settings as well; apply the changes.
Test port forwarding to the VM over SSH.
When you try to SSH into the machine, you need to use the newly added port number instead of the default one.
As you can see, after specifying the SSH custom port 2221, I can log in to the VM.
The default port didn’t work as the SSH port changed, and my windows host does not have the ssh service enabled.
Using the custom port numbers, you can assign port numbers 2221,2222,2223 for VM1, VM2, and VM3, respectively, if you plan to configure the SSH access to multiple virtual machines.
Configure SSH access to the different VM port number.
You can also configure ssh access when the VM uses a different port number instead of a default one.
We already have an Ubuntu machine running ssh service with port 2222, let’s see how we can configure port forwarding for the same.
Open VMware workstation.
Click on Edit –> VirtualAdapter Settings–> Change settings.
Click on NAT settings.
Click on Add.
In the MAP incoming port window,
On the host port type 2222, or the default one if your host machine is not using the ssh service on the default port.
Type: TCP.
Virtual machine IP: 192.168.127.132, which is my ubuntu IP address.
Virtual machine port number: 2222. We already validated Ubuntu VM is running on port 2222.
Provide a user-friendly description and click on OK.
Click on OK on the NAT settings as well and apply the configuration.
Access the Ubuntu machine with a custom port.
To access the ubuntu VM, type ssh -p 2222 username@<hostIP>
So it will be ssh -p 2222 [email protected]
As you can refer to the below output, I can access my Ubuntu machine running ssh with custom port 2222.
Configure port forwarding for Web server.
We have successfully configured the port forwarding for the SSH service, how about the web services running on ports 80 and 443.
Those are not different from configuring the ssh port forwarding.
Click on Edit –> Virtual network Editor –> Change settings –> NAT settings.
In the NAT configuration window, click on Add.
As my windows host is listening to port number 443, I cannot use the same port number. So I decided to use custom port number 8443 this time.
If you want to use the default port number, you will have to disable the https service on your host machine first; then, there will not be any conflict.
Host port: 8443
Type: TCP.
Virtual machine IP address: 192.168.127.132
Virtual machine port 443.
Provide some description.
Click on OK and save the changes.
Verify the https access.
Open a browser on your machine and type the URL as https://192.168.1.10:8443 and then Enter.
You may ignore the security warning and proceed to the page, and you should be able to access the web page as below.
And the best part is, you can even access the web page from your local network as well. As you can refer to the below output, I access the same web page from my IPad as well as on my phone.
The Web page on the phone.
The same web page on an IPad.
We have configured the port forwarding for ssh, HTTPS service successfully; even for HTTP service or any other protocols for that matter, the same procedure can be followed. While configuring the port forwarding, you need to use a custom port number or default port number based on your host service and the port number for the VM, it should just work fine like the SSH and HTTPS.