This might take a while to explain, but the TL;DR is as follows.
I'm trying to set up port forwarding so that I can access some services while I am away from home. The forwarding seems to work fine for every host in my local LAN EXCEPT for hosts that are virtual machines on my KVM server.
The details.
KVM Server - Set up with a single bridge (br0) interface.
KVM Guests - VMs that get spun up receive an IP address from DHCP that is part of the local network (192.168.1.0/24)
Laptop - I am able to ping / ssh into any of the VMs using the IP address that they receive from DHCP
Router - The KVM guests appear in the client table
Testing -
1. I can ssh from my laptop to any KVM guest
2. When I set up port forwarding on my router to any IP address except a KVM guest, the ports are forwarded correctly.
3. When I try to ssh remotely
Code:
ssh user@publicIP -p externalPort
I get a connection time out.
4. When I run tcpdump on the guest VM that I am trying to ssh into, I can see the SYN packet, with the correct source (external IP) and destination (VM guest IP, correct MAC address as well), but the guest VM does not respond to the SYN packet.
5. Doing an nmap on the public IP address shows the external port as 'filtered' (which matches well with the behavior described in test 4)
6. I am certain firewalld is not running on the guest VM.
Any other thoughts!??