Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

README should mention firewall issues #1

Open
kkeane opened this issue Apr 24, 2021 · 3 comments
Open

README should mention firewall issues #1

kkeane opened this issue Apr 24, 2021 · 3 comments

Comments

@kkeane
Copy link

kkeane commented Apr 24, 2021

Thanks for building this very useful utility!

After installing the virtualbox_WSL2 plugin, I found that it was not working for me. After some troubleshooting, I found that the problem was the Windows Firewall. It worked fine with the firewall disabled.

This should be documented in the README.

The specific problem is that from the host's perspective, the VirtualBox VMs appear to be in the public zone. This cannot be changed (Windows limitation). In addition, depending on your configuration, traffic in or out of the VM may get blocked by the firewall.

I found that the following PowerShell script opens the firewall enough, without completely disabling it. Note: this script only allows DNS traffic, which was the problem for me. You may need to open additional ports.

$adapters=(Get-NetAdapter | Where-Object Name -like 'vEthernet*')

Set-NetFirewallProfile -DisabledInterfaceAliases $adapters.Name

# For VirtualBox, we also need to allow DNS to/from anywhere
# If security is a concern, you could also set -RemoteAddress but we do not do that here
# for flexibility
New-NetFirewallRule -Name UsdDNSReq  -DisplayName "Allow DNS Req" -Direction Inbound  -LocalPort 53 -Protocol UDP -Action Allow
New-NetFirewallRule -Name UsdDNSResp -DisplayName "Allow DNS Resp" -Direction Inbound -RemotePort 53 -Protocol UDP -Action Allow
New-NetFirewallRule -Name UsdDNSTCPReq  -DisplayName "Allow DNS TCP Req" -Direction Inbound  -LocalPort 53 -Protocol TCP -Action Allow
New-NetFirewallRule -Name UsdDNSTCPResp -DisplayName "Allow DNS TCP Resp" -Direction Inbound -RemotePort 53 -Protocol TCP -Action Allow
@alvaro-gh
Copy link

I didn't go with those specific rules but @kkeane description helped me. Since I don't want to get to powershell about this, these were the steps I followed to enable the firewall rules the Windows UI way (PLEASE don't do this unless you're in a safe network):

  • Open the Windows Defender Firewall application.
  • Look for "VirtualBox Headless Frontend" rule name, "Public" profile. You'll see one rule for TCP and another one for UDP.
  • Right click on each of them, hit Properties.
  • Set to "Allow connection" in the Action section of the "General" tab.

The option names might differ, my windows is in spanish.
Once again, PLEASE don't do this unless you're in a safe network or revert the changes once you're done.

@jshank jshank mentioned this issue Jan 13, 2022
Open
@hlombard
Copy link

Hi, you should definitly mention your previous message in your README (authorizing Public rules). Not sure how long that would have taken me to find it out by my self. Thanks !

@ZacksHomeLab
Copy link

To reiterate on what @hlombard said, to set the mentioned firewall rules to Public, run the following command in an elevated PowerShell (on Windows, not within WSL2):

Get-NetFirewallRule -DisplayName "VirtualBox Headless Frontend" | Set-NetFirewallRule -Profile Public

Also, as @mxdlx mentioned, only do this on a safe network.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kkeane @alvaro-gh @hlombard @ZacksHomeLab