0

I have a Windows 11 Hyper-V host with two guests, Windows Server 2012, and Debian 12, both has web servers.

From host I can reach web server on Windows Server 2012 but cannot reach web server on Debian. Ping from host to Debian guest is OK, and vice versa. From Debian I can access Windows Server web server.

  • Virtual machines are connected via External Virtual Switch. From local browser on Debian I see the home page on the same machine.
  • Tested Apache and python web servers with identical results.
  • Disabling the ufw didn't help.
  • Host IP is .108, Debian guest IP is .107. When trying to access home page in guest from host Wireshark packets captured showed:
> 192.168.100.108 192.168.100.107 TCP 66 52165 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM > 192.168.100.107 192.168.100.108 ICMP 94 Destination unreachable (Communication administratively filtered) > 192.168.100.108 192.168.100.107 TCP 66 52166 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM > 192.168.100.107 192.168.100.108 ICMP 94 Destination unreachable (Communication administratively filtered) > 192.168.100.107 192.168.100.108 ICMP 94 Destination unreachable (Communication administratively filtered) > 192.168.100.108 192.168.100.107 TCP 66 [TCP Retransmission] 52165 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM > 192.168.100.108 192.168.100.107 TCP 66 [TCP Retransmission] 52166 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM > 192.168.100.108 192.168.100.107 TCP 66 52167 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM > 192.168.100.107 192.168.100.108 ICMP 94 Destination unreachable (Communication administratively filtered) > 192.168.100.107 192.168.100.108 ICMP 94 Destination unreachable (Communication administratively filtered)

Any clue of what is happening would be appreciated.

Improve this question
4
  • To make sure I understand: Fro the host you can ping the Debian VMs interface, but you cannot access the web server? Commented Apr 9 at 13:41
  • Did you research what "Communication administratively filtered" means? Have you tried an Internal switch? Commented Apr 9 at 13:45
  • "Did you research what "Communication administratively filtered" means? " yes and it should be some kind of firewall, but I've deactivate the firewall in the linux machine. " From the host you can ping the Debian VMs interface, but you cannot access the web server" yes ping works in both directions but web server only in one, I can see host web server from debian guest, but I cannot see guest web server from host browser. But I can see guest browser from other VM running Windows Server and using same VM-Switch. Commented Apr 9 at 14:35
  • I've also tried telnet port 80 from host, curl from host, nothing worked. Commented Apr 9 at 14:37

1 Answer 1

Reset to default
0

Solved I'm newbie in linux and everywhere I've found references to iptables and ufw, but happened to be other firewall service firewalld, stopping that started to work.

systemctl stop firewalld

To allow port 80 in firewalld:

firewall-cmd --permanent --add-service=http --add-service=https firewall-cmd --reload firewall-cmd --state
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.