2

I have a KVM server (host) with multiple virtual machines (guests).

My goal is my host forward port 23 to port 22 of a guest running an ssh service.

Command example...

ssh root@[HOST_IP] -p 23

NOTE I: That was the command I used on the host to make the port forward...

firewall-cmd --permanent --add-forward-port=port=23:proto=tcp:toaddr=[GUEST_IP]:toport=22
firewall-cmd --reload

NOTE II: I know that ssh itself provides the means to make this possible, but I really want this process to be "transparent" for the user to access the guest directly.

NOTE III: I will need to do a similar process for other ports (eg 389) so that I look for a process that works in other similar cases.

Thanks! =D

UPDATE I:

Currently the...

ssh root@[HOST_IP] -p 23

... command returns me the following error...

ssh: connect to host 172.16.13.8 port 23: Connection refused

UPDATE II:

Directly related thread here!

Eduardo Lucio
  • 269
  • 4
  • 14
  • You should avoid double NAT if possible. If your host's external network has non-public addresses and can route a block of private IP addresses to you, then you should just route normally, instead of port forwarding. – Michael Hampton Aug 22 '19 at 01:41

1 Answers1

1

The "only" way we can make a port forward using KVM (libvirt) with the "default network" (virbr0) is using the hack/workaround informed by @Antony Nguyen . Or more simply you can use libvirt-hook-qemu.

This thread has a complete explanation of how to solve this problem for CentOS 7 (and certainly for other distros) using libvirt-hook-qemu: https://superuser.com/a/1475915/195840 .

Eduardo Lucio
  • 269
  • 4
  • 14