
(in this post I'm using SSH / port 2222 as a substitute for any program / port; the port could be 80, could be 22, could be 9999; SSH is easy to test stuff out on, however, hence my using SSH as the specific example)

I'm running Ubuntu 20.04 LTS from the Microsoft Store via WSL2. When I do `sudo /usr/sbin/sshd -ddd -p2222` via Ubuntu I'm able to connect via the Windows 10 host but not via another machine on the same LAN / subnet.

The Windows firewall is off.

In Ubuntu I added the following iptables rule:

```
sudo iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
```

It didn't help.

I tried doing this (from https://stackoverflow.com/a/63781351/569976):

```
netsh interface portproxy add v4tov4 listenport=2222 listenaddress=0.0.0.0 connectport=2222 connectaddress=172.30.16.3
```

For the `connectaddress` I used the address that I got by doing this:

```
wsl -d Ubuntu-20.04 bash -c "ifconfig eth0 | grep 'inet ' | awk '{ print \`$2 }'"
```

No luck.

Any ideas?

neubert
  • When I start a WSL Linux machine the subnet is a 172.x.y.z address (common for Hyper-V and WSL). Are you very sure the subnet is the same as your network subnet? It never is for me. Also my WSL Linux machine shows that Networking is disabled. It still can browse. – John Aug 22 '21 at 13:45
  • Please see [this question](https://superuser.com/questions/1622581/ssh-into-wsl-from-another-machine-on-the-network) (*SSH into WSL from another machine on the network*) and my answer there. Also, see [this answer](https://superuser.com/questions/1618337/localhost-and-127-0-0-1-working-but-not-ip-address-in-wsl-windows-10/1618446#1618446) to understand the core issue and some alternative ways to handle it. Thanks! – NotTheDr01ds Aug 22 '21 at 13:48
  • You were on the right track with the port-forwarding (although there's a better way to do it, as I linked to), but remember that when you are port-forwarding, you still need to connect to the *Windows* IP. The other machine on the network is going to have no knowledge of the WSL IP address. Once you connect to port 2222 on the *Windows* host, then the `netsh interface portproxy` should take over from there to forward the packets from the Windows NIC to the WSL vNIC. Also note that the `iptables` rule is not needed in this case. – NotTheDr01ds Aug 22 '21 at 13:54
  • @NotTheDr01ds - your answer is _specific_ to SSH. I'm trying to use this question as a placeholder for any arbitrary port. I'm just using SSH as an example because it's easy to set up. The port could be 80, could be 21, could be 9999. – neubert Aug 22 '21 at 23:42
  • Ok, in that case, please see the second answer I linked, which is more generic in terms of services/ports. `ssh` is an easier case due to the jumphost feature. But the second answer covers other services. One of the options is, of course, the `netsh` command that you are using (just with the wrong IP address). But there are three additional options I provide there as well. The easiest option for most services is to simply use WSL1. Most network/LAN use-cases are going to work better for this under WSL1 than WSL2. – NotTheDr01ds Aug 23 '21 at 01:05
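
The port forward discussed in the comments above, as an added PowerShell example that is not part of the original thread: it looks up the distro's current address, recreates the `netsh interface portproxy` rule, and lists the Windows addresses a LAN client should connect to. It assumes an elevated prompt and that `hostname -I` is available in the distro; the parameter names and the adapter-name filter are illustrative assumptions.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Defaults mirror the port and distro name used in the question.
param(
    [int]$Port = 2222,
    [string]$Distro = 'Ubuntu-20.04',
    # 0.0.0.0 listens on every Windows interface; pass one LAN address
    # instead to keep the forwarded port off the other interfaces.
    [string]$ListenAddress = '0.0.0.0'
)

# Ask the distro for its address each time: the WSL2 virtual NIC gets a
# new 172.x.y.z address after a restart, so a hard-coded connectaddress
# goes stale.
$wslIp = ("$(wsl -d $Distro hostname -I)").Trim().Split(' ')[0]
if ($wslIp -notmatch '^\d{1,3}(\.\d{1,3}){3}$') {
    throw "Could not determine an IPv4 address for '$Distro' (got '$wslIp')"
}

# Remove any earlier rule for this listener (an error here only means
# there was none), then add one pointing at the current WSL address.
netsh interface portproxy delete v4tov4 listenport=$Port listenaddress=$ListenAddress | Out-Null
netsh interface portproxy add v4tov4 listenport=$Port listenaddress=$ListenAddress connectport=$Port connectaddress=$wslIp

# Show what is configured so a wrong connectaddress is visible at a glance.
netsh interface portproxy show v4tov4

# Other machines on the LAN must connect to one of these Windows addresses,
# not to the WSL address. The adapter-name filter is a heuristic that hides
# the WSL virtual switch; adjust it if your adapters are named differently.
Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object {
        $_.IPAddress -ne '127.0.0.1' -and
        $_.InterfaceAlias -notlike 'vEthernet (WSL*'
    } |
    Select-Object InterfaceAlias, IPAddress
```

To undo the forward, run the same `netsh interface portproxy delete v4tov4` line with the listener port and address that were used to create it.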
