[vbox-dev] Host-Only networking, developer logs (LogRel?)

Klaus Espenlaub klaus.espenlaub at oracle.com
Tue Aug 20 17:21:21 GMT 2019


default Windows firewall config since at least the XP days is to block
receiving ICMP echo request packets (don't think they ever explained
coherently why). It's possible to change this by adding a custom rule,
and to make things less obvious some Microsoft-provided rules (normally
disabled, but IIRC one of them gets enabled if you enable file and
printer sharing) automatically include allowing to receive ICMP echo
request packets.

Could be that your network config has such firewall rules enabled for
some of the usual Windows network classes (Home network / Work network /
Public network) but not for others. This would explain why pings
sometimes work and sometimes not, with the same Windows system as the
target.

All in all quite tricky to find with the ever-changing ways to configure
the firewall across the Windows versions.

Klaus

On 20.08.2019 17:38, uwe at stderr.spb.ru wrote:
> Moi, Lassi.
> 
> Vaatamoinen, Lassi wrote:
> 
>> I've had issues in Host-only networking, while connected to a specific
>> network cable at our company. There is an (already) lengthy discussion
>> in the VBox forums here:
>> https://forums.virtualbox.org/viewtopic.php?f=6&t=94323
>>
>> In a nutshell: The Host-Only networking works in our Corporate
>> network, or when disconnected. But *not* working when using "RD"
>> network, which is a private 192.168.100.0/19.
> [...]
>> VBox setup:
>> Host: Windows 10
>> Guest: Ubuntu 18.04
> 
> Have you tried anything other than ping?  telnet/nc from the guest to
> a service running on the host (listening on the host-only or on the
> wildcard), another nc running on the host will do.
> 
> pinging a windows machine (host in your case) is a funny business.  I
> assume that when you say "host->guest is ok" you also mean ping (you
> don't provide packet capture for that).  So the packets (echo replies)
> are correctly delivered from the guest to the host.  The "guest->host
> not ok" is most likely not a sign of packets not delivered, but a sign
> of the Windows electing not to talk to you because reasons.
> 
> E.g. I have in front of me two VMs on the same internal network and I
> can ping windows vm -> linux vm, but not from linux to windows.  I can
> get an nc connection from linux to windows just fine though (windows
> asked me if I want to allow nc to listen on a public network).
> 
> So my initial suspicion would be that windows firewall gets into
> paranoid mode or something when the host is plugged into RD.
> 
> -uwe
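
The per-profile difference described in the message above can be checked on the Windows host. The PowerShell below is an added example, not part of the original thread; it uses the built-in NetSecurity and NetConnection cmdlets, and it assumes that only rules with protocol ICMPv4 matter (rules with protocol Any, and scoping by address or interface, are not evaluated).

```powershell
# Added example: for each connected adapter, show its firewall profile and
# whether an enabled inbound allow rule for ICMPv4 echo request (type 8)
# applies to that profile. Run in an elevated PowerShell on the host.

# State of each profile: is the firewall on, and what is the default for inbound?
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction |
    Format-Table -AutoSize

# Enabled inbound allow rules whose port filter covers ICMPv4 echo request.
# (One filter lookup per rule, so this takes a little while.)
$echoRules = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $filter = $_ | Get-NetFirewallPortFilter
        # IcmpType is a list of strings such as "8", "8:0" or "Any".
        if ($filter.Protocol -eq 'ICMPv4' -and ($filter.IcmpType -match '^(Any|8)(:|$)')) {
            [pscustomobject]@{
                DisplayName = $_.DisplayName
                Profile     = "$($_.Profile)"   # "Any" or e.g. "Domain, Private"
            }
        }
    }

# Map every connected adapter to its network category and the rules covering it.
Get-NetConnectionProfile | ForEach-Object {
    # Connection profiles say "DomainAuthenticated"; firewall rules say "Domain".
    $category = if ($_.NetworkCategory -eq 'DomainAuthenticated') { 'Domain' }
                else { "$($_.NetworkCategory)" }
    $matching = @($echoRules | Where-Object {
        $_.Profile -eq 'Any' -or $_.Profile -match $category
    })
    [pscustomobject]@{
        Interface   = $_.InterfaceAlias
        Network     = $_.Name
        Category    = $category
        EchoAllowed = ($matching.Count -gt 0)
        Rules       = ($matching.DisplayName -join '; ')
    }
} | Format-Table -AutoSize -Wrap
```

Running it once on each network and comparing the Category and EchoAllowed columns for the host-only adapter shows whether the ping difference follows the firewall profile.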


