VMware Workstation

hello,

I have a VM in workstation configured with a bridged adapter and an exposed https port. I can access that port on the machine running workstation but nowhere else. I do have a firewalld rule allowing the TCP traffic. do I need to set up IPv4 forwarding in the kernel for this to work or is it something else?

Hi Kevin,

Let's suppose that your host has IP address 192.168.1.1 and your VM has 192.168.1.2. When you say you can access the VM's HTTPS port from the host you mean that, for example, using curl you can do curl --insecure https://192.168.1.2/ and curl shows the page your webserver is serving in the VM? Nowhere else is PC(s) on the same LAN having an IP from the 192.168.1.0/24 range?

IP forwarding should not make a difference because this setup should behave as if you plugged both the host and the VM into the same LAN, and traffic targetting your VM's IP address should not be handled at an IP level by your host, only within the VM. IP forwarding only affects IPv4 traffic, not Ethernet. I have a similar setup, only the host is Windows (and the guest as well), and forwarding traffic from my internet router to the VM works fine.

Original Message:
Sent: Jul 25, 2025 07:45 PM
From: kevin huntly
Subject: access workstation VM in bridged network from outside machines on Linux host

hello,

I have a VM in workstation configured with a bridged adapter and an exposed https port. I can access that port on the machine running workstation but nowhere else. I do have a firewalld rule allowing the TCP traffic. do I need to set up IPv4 forwarding in the kernel for this to work or is it something else?

correct, but I am trying to access a service on it internally so the router itself doesn't come into play unless I still need to do a port forward there for some reason?

host is DHCP, 192.168.10.x/27, 2x nics (one wireless)

guest is static, 192.168.10.19/27 with exposed 80/443 1x bridged nic with eth0 (I can try adding a 2nd on the wireless int and see what happens)

ETA: outside machines trying to get into .19 are getting a 'no route to host' which is typical of a firewall issue in my experience when they're in play. 

Original Message:
Sent: Jul 27, 2025 12:27 PM
From: Gabor Kormos
Subject: access workstation VM in bridged network from outside machines on Linux host

Hi Kevin,

Let's suppose that your host has IP address 192.168.1.1 and your VM has 192.168.1.2. When you say you can access the VM's HTTPS port from the host you mean that, for example, using curl you can do curl --insecure https://192.168.1.2/ and curl shows the page your webserver is serving in the VM? Nowhere else is PC(s) on the same LAN having an IP from the 192.168.1.0/24 range?

IP forwarding should not make a difference because this setup should behave as if you plugged both the host and the VM into the same LAN, and traffic targetting your VM's IP address should not be handled at an IP level by your host, only within the VM. IP forwarding only affects IPv4 traffic, not Ethernet. I have a similar setup, only the host is Windows (and the guest as well), and forwarding traffic from my internet router to the VM works fine.

Original Message:
Sent: Jul 25, 2025 07:45 PM
From: kevin huntly
Subject: access workstation VM in bridged network from outside machines on Linux host

hello,

I have a VM in workstation configured with a bridged adapter and an exposed https port. I can access that port on the machine running workstation but nowhere else. I do have a firewalld rule allowing the TCP traffic. do I need to set up IPv4 forwarding in the kernel for this to work or is it something else?

No, you don't need to set up anything on the router if you're only accessing the VM from the LAN/WLAN. If I understand correctly both the LAN and WLAN is served from the same DHCP server. No route to host is not necessarily a firewalld problem. It can very well be a routing problem. Now that we know you use WiFi as well, the WiFi router may be configured to enforce guest isolation, where the router does not allow access between WiFi clients and possibly to the LAN clients either, only towards the internet, even if there's no specific firewall rule on the router for this. Anyhow this does not seem to be a VMWare problem, rather a local network problem.

correct, but I am trying to access a service on it internally so the router itself doesn't come into play unless I still need to do a port forward there for some reason?

host is DHCP, 192.168.10.x/27, 2x nics (one wireless)

guest is static, 192.168.10.19/27 with exposed 80/443 1x bridged nic with eth0 (I can try adding a 2nd on the wireless int and see what happens)

ETA: outside machines trying to get into .19 are getting a 'no route to host' which is typical of a firewall issue in my experience when they're in play. 

Original Message:
Sent: Jul 27, 2025 12:27 PM
From: Gabor Kormos
Subject: access workstation VM in bridged network from outside machines on Linux host

Hi Kevin,

Let's suppose that your host has IP address 192.168.1.1 and your VM has 192.168.1.2. When you say you can access the VM's HTTPS port from the host you mean that, for example, using curl you can do curl --insecure https://192.168.1.2/ and curl shows the page your webserver is serving in the VM? Nowhere else is PC(s) on the same LAN having an IP from the 192.168.1.0/24 range?

IP forwarding should not make a difference because this setup should behave as if you plugged both the host and the VM into the same LAN, and traffic targetting your VM's IP address should not be handled at an IP level by your host, only within the VM. IP forwarding only affects IPv4 traffic, not Ethernet. I have a similar setup, only the host is Windows (and the guest as well), and forwarding traffic from my internet router to the VM works fine.

Original Message:
Sent: Jul 25, 2025 07:45 PM
From: kevin huntly
Subject: access workstation VM in bridged network from outside machines on Linux host

hello,

I have a VM in workstation configured with a bridged adapter and an exposed https port. I can access that port on the machine running workstation but nowhere else. I do have a firewalld rule allowing the TCP traffic. do I need to set up IPv4 forwarding in the kernel for this to work or is it something else?

i disagree but I'm not sure how else to fix, so I'll just abandon this project as it's a nice to have anyway

No, you don't need to set up anything on the router if you're only accessing the VM from the LAN/WLAN. If I understand correctly both the LAN and WLAN is served from the same DHCP server. No route to host is not necessarily a firewalld problem. It can very well be a routing problem. Now that we know you use WiFi as well, the WiFi router may be configured to enforce guest isolation, where the router does not allow access between WiFi clients and possibly to the LAN clients either, only towards the internet, even if there's no specific firewall rule on the router for this. Anyhow this does not seem to be a VMWare problem, rather a local network problem.

correct, but I am trying to access a service on it internally so the router itself doesn't come into play unless I still need to do a port forward there for some reason?

host is DHCP, 192.168.10.x/27, 2x nics (one wireless)

guest is static, 192.168.10.19/27 with exposed 80/443 1x bridged nic with eth0 (I can try adding a 2nd on the wireless int and see what happens)

ETA: outside machines trying to get into .19 are getting a 'no route to host' which is typical of a firewall issue in my experience when they're in play. 

Original Message:
Sent: Jul 27, 2025 12:27 PM
From: Gabor Kormos
Subject: access workstation VM in bridged network from outside machines on Linux host

Hi Kevin,

Let's suppose that your host has IP address 192.168.1.1 and your VM has 192.168.1.2. When you say you can access the VM's HTTPS port from the host you mean that, for example, using curl you can do curl --insecure https://192.168.1.2/ and curl shows the page your webserver is serving in the VM? Nowhere else is PC(s) on the same LAN having an IP from the 192.168.1.0/24 range?

IP forwarding should not make a difference because this setup should behave as if you plugged both the host and the VM into the same LAN, and traffic targetting your VM's IP address should not be handled at an IP level by your host, only within the VM. IP forwarding only affects IPv4 traffic, not Ethernet. I have a similar setup, only the host is Windows (and the guest as well), and forwarding traffic from my internet router to the VM works fine.

Original Message:
Sent: Jul 25, 2025 07:45 PM
From: kevin huntly
Subject: access workstation VM in bridged network from outside machines on Linux host

hello,

I have a VM in workstation configured with a bridged adapter and an exposed https port. I can access that port on the machine running workstation but nowhere else. I do have a firewalld rule allowing the TCP traffic. do I need to set up IPv4 forwarding in the kernel for this to work or is it something else?