I have made two VM’s(LInux 16.04 LTS) on a physical host which has Debian Server. I Have installed GItlab on VM1 now I want to access it externally with a Static IP outside my local network. I have the IP but I am stuck I made bridge connection with that IP but nothing happens.help
Share more about your VM networking. Is it bridged based networking? Are you using VMware, KVM, OR XEN? Is static public IP assigned to Debian server too? Maybe give us output of commands
brctl show
Hey! Thank you for the swift reply
actually, I am using KVM on my Debian Server. My Vm1 is running Ubuntu 16.04 , as libvrtd uses dnsmasq it has given my VM1 192.168.122.248 IP…and YES Debain server has Static Public IP
Debian server’s result :
$ brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.525400f6e948 yes virbr0-nic
vnet0
vnet1
virbr1 8000.525400e7096b yes virbr1-nic
Running brctl show command on VM1 gives the null result.
now the thing is on local IP Gitlab is working fine I tried to change the external address in GITLAB.rb file and tried different configurations but it did not work. My VM’s can access internet via my Debain server. I tried making bridge on Server but the internet connectivity gets lost on my VMs due to conflict. Now tell me how can I access Gitlab in my home with external IP.I want to do that so anyone can access it.Plus after this task I want to configure LDAP with it. I am kinda new to this Sys Admin stuff so don’t mind if I have bad concepts about networking and VMs
You need to install firewall to redirect all incoming traffic using DNAT. Something like follows will redirect all public traffic coming on port 80 of 1.2.3.4 public IP to internal KVM 192.168.122.248:80
## syntax ##
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d {PUBLIC_IP} --dport 80 -j DNAT --to {INTERNAL_IP}:80
## example ##
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 1.2.3.4 --dport 80 -j DNAT --to 192.168.122.248:80
You must replace IP and ports as per your setup. Next you need to talk back from private IPs to public IP back:
/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
If you find this is hard, try using UFW. Still need to edit files tho. It is well documented here:
https://www.cyberciti.biz/faq/how-to-configure-ufw-to-forward-port-80443-to-internal-server-hosted-on-lan/
I am trying to follow the steps but when I am typing
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d {public ip} --dport 80 -j DNAT --to
{INTERNAL_IP}:80
it is giving me an error on Internal IP
IPTABLES V1.6.0: Bad IP address “{192.168.122.248}”
this is the IP my VM is using so I guess this is the internal IP. Physical host is using 130.83.162.84 and I want to give public IP 130.83.162.69 to access gitlab externally
Try:
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 130.83.162.84 --dport 80 -j DNAT --to 192.168.122.248:80
Of course replace 80 with actual gitlab port.
Now I can access Gitlab on others PC In my Network now I want to access it from anywhere! what is the best solution?