How to get WSL2 to route traffic through ProxyCap ssh tunnel - proxy

I'm trying to get WSL2 to use the tunnel present in my windows environment but I'm struggling with getting it to work properly.
In order to access our company servers I've set up ProxyCap to open a ssh connection to a proxy server. The only thing I did was point it to our jump server and then set up the following rule.
Now this works flawlessly in Windows and I'm able to ping a machine inside our company network by doing a simple ping x.x.x.x:pppp. However once I start my WSL2 environment and try pinging the same ip and port the only thing I get back is ping: ping x.x.x.x:pppp: Name or service not known.
My initial guess is that this is due to the network in WSL2 being different from the network in Windows. Is there any way to make WSL2 utilize the proxy tunnel running in my Windows environment?
I've also tried running sshuttle inside WSL2 to see if I could access the server that way and not have to go through Windows (I'm using the same command I use on my Linux machine where it works) but I get the same problem this way.

Related

How to route network traffic from WSL2 through a VPN connection established by the Windows 10 host?

So what I'm trying to do is to use nested VPN connections inside WSL2. The Windows 10 host is logged into one (Cisco AnyConnect, if it makes any difference) VPN, and I'm trying to establish another (openconnect GP protocol) VPN connection inside WSL2, that would get routed through the host OS's established VPN tunnel.
This all works fine with VirtualBox using NAT networking, but I have absolutely no idea how to achieve the same result with WSL2.
Zero experience with Windows networking, so don't really know where to even start (other than Googling, which has been of zero help so far). I have no need for any fancy VLANs or network confs for WSL2 containers. I'm simply using WSL2 to avoid the utter horseshit that is development tools running on Windows.

Localhost refused to connect on WSL2 when accessed via https://localhost:8000/ but works when using internal WSL IP address

What I'm Trying to Achieve
To access localhost from my local machine during the development of a Symfony web app.
My Environment
WSL2 running on Windows 10
Linux, Apache2, MySQL, PHP-7.4 stack (with Xdebug3 installed)
Debian 10
Symfony 5.4 (although not sure on if relevant to this problem)
Steps I've Taken
Set up WSL2 according to this Microsoft WSL2 tutorial
Set up LAMP stack according to this Digital Ocean tutorial
Set up Symfony according to this Symfony tutorial
Run the following bash script on startup to start my services and set the host to the virtual WSL IP in my xdebug.ini file
#!/bin/sh
REMOTEIP=`cat /etc/resolv.conf | grep nameserver | sed 's/nameserver\s//'`
sed -i -E "s/client_host=[0-9\.]+/client_host=$REMOTEIP/g" /etc/php/7.4/mods-available/xdebug.ini
service php7.4-fpm start
service apache2 start
service mysql start
Run my Symfony project on the development server using symfony serve -d (Symfony then tells me "The Web server is using PHP FPM 7.4.23 https://127.0.0.1:8000")
Go to https://localhost:8000/ in Chrome where the app is running
What I Expect to Happen
My Symfony web app to be running on https://localhost:8000/ when I visit the URL in my Chrome browser
What Actually Happens
I get "This site can't be reached localhost refused to connect." in the Chrome browser
What I've Tried
This used to happen less frequently and I would give my laptop a restart, repeat the process above, and I could connect via https://localhost:8000/. However, it refuses to connect more regularly now (like 8/10 times I start up for the day)
Connecting to https://127.0.0.1:8000 yields the same result.
Connecting to the site using the internal WSL IP address, found using hostname -I and replacing localhost with this IP (still on port 8000). This is an adequate workaround to use my app, however I am unable to interact with my database via MySQL Workbench without having to set up a new connection, therefore a fix where I can use localhost would be very helpful!
(Based off comments) Only ran symfony serve -d without starting apache and PHP services separately - still sometimes allows connections to localhost but sometimes doesn't work.
Conclusion
The behaviour is odd as it works sometimes but other times it doesn't when the exact same steps are carried out. I am unsure where else to look for answers and I can't seem to find anything online with this same problem. Please let me know if any config files, etc would be helpful. Thank you so much for your help! :)
When it's working normally, as you are clearly aware, the "localhost forwarding" feature of WSL2 means that you can access services running inside WSL2 using the "localhost" address of the Windows host.
Sometimes, however, that feature breaks down. This is known to happen when you either:
Hibernate
Have the Windows "Fast Startup" feature enabled (and it is the default). Fast Startup is a pseudo-hibernation which triggers the same problem.
Typically the best solution is to disable Hibernation and Fast Startup. However, if you do need these features, you can reset the WSL localhost feature by:
Exiting any WSL instances
Issuing wsl --shutdown
Restarting your instance
It's my experience that localhost forwarding will work after that. However, if it doesn't, thanks to #lwohlhart in the comments for mentioning that another thing to try is disabling IPv6 on WSL2, since (I believe) there's a possibility that the application is listening on IPv6 while the Windows->WSL2 localhost connection is being attempted on IPv6.
You can disable IPv6 on WSL2 per this GitHub comment by creating or editing .wslconfig in your Windows user profile directory with the following:
[wsl2]
kernelCommandLine=ipv6.disable=1
A wsl --shutdown and restart will be necessary to complete the changes.
If you find that this works, it may be possible to solve the issue by making sure to either use the IPv4 (127.0.0.1) or IPv6 (::1) address specifically in place of localhost on the Windows side, or by configuring the service to listen on both addresses.
Try running the command netstat -nltp. It shows active addresses and ports. Your nginx process should be running at 0.0.0.0:8000. 0.0.0.0 means the nginx process is available from anywhere.
If your nginx process is run on a specific IP address, you should access it by that IP address, e.g. http://192.168.4.2:8000.
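The two answers above come down to reading the listening address for the port. The following is an added example, not part of the original posts: it parses `netstat -nltp` output and reports which loopback address reaches a port and whether the service is bound beyond loopback. The sample output, program names and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -nltp` output (not from the original posts).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 127.0.0.1:3306   0.0.0.0:*        LISTEN  211/mysqld
tcp        0      0 0.0.0.0:80       0.0.0.0:*        LISTEN  180/apache2
tcp6       0      0 ::1:8000         :::*             LISTEN  402/symfony
tcp6       0      0 :::9000          :::*             LISTEN  377/php-fpm
"""

V4_LOOP = ipaddress.ip_address("127.0.0.1")
V6_LOOP = ipaddress.ip_address("::1")


def listeners(netstat_text, port):
    """Return the set of local addresses with a TCP LISTEN socket on `port`."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        host, _, local_port = fields[3].rpartition(":")  # "::1:8000" -> "::1", "8000"
        if local_port != str(port):
            continue
        try:
            found.add(ipaddress.ip_address(host))
        except ValueError:
            continue  # skip anything that is not a plain IP literal
    return found


def diagnose(netstat_text, port, v6only=False):
    """Report which loopback address reaches `port` and whether it is exposed."""
    addrs = listeners(netstat_text, port)
    any4 = any(a.version == 4 and a.is_unspecified for a in addrs)
    any6 = any(a.version == 6 and a.is_unspecified for a in addrs)
    # Assumption: with v6only=False (Linux default net.ipv6.bindv6only=0) a socket
    # bound to :: also accepts IPv4, unless the program sets IPV6_V6ONLY itself.
    return {
        "127.0.0.1": V4_LOOP in addrs or any4 or (any6 and not v6only),
        "::1": V6_LOOP in addrs or any6,
        # True when a listener is bound to a wildcard or non-loopback address.
        "beyond_loopback": any(not a.is_loopback for a in addrs),
    }
```

In the sample, port 8000 listens only on ::1, so a client using 127.0.0.1 is refused while ::1 connects; port 80 on 0.0.0.0 answers on IPv4 loopback and on every other IPv4 interface of the WSL2 instance.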

SSH connect from local windows VM to Azure windows VM

I want to have a SSH connection from my local windows machine or VM on my computer to Azure windows server VM. I tried Cygwin and Putty but both of them gave timeout connection. I used public ip address and opened port 22 on Azure VM.
I would appreciate it if someone could give me any hints or links.
There are multiple firewalls that can be the reason here. First you must have a rule on the server to allow incoming SSH requests (port 22). Then you need to configure the NSG (Network security group) to allow incoming on port 22. If it still doesn't work, you need to verify that you are allowed to do an outgoing SSH request from your computer.
Thanks for the suggestions. I found the problem: the host machine's IP address (from ipconfig), where the local VM is inside the domain, was different from the IP address that communicates outside the domain to the internet. I had set the NSG of the Azure VM to accept only this IP, and because of that it gave a time-out error. After changing the IP it works.

How to set up Vagrant DNS servers in macOS without changing the DNS in the network setup

I have a Vagrant machine, and this VM runs a DNS server to resolve the internal domains of each micro-service instance running in a Docker container inside the Vagrant VM. Currently, after running vagrant up, I need to put the Vagrant VM's IP address in my network configuration so that my computer resolves the development domain and I can access the application. The problem is that I work remotely and frequently need to connect to public hotspots that use network authentication, and if I have the Vagrant DNS in my interface's configuration I cannot connect to the hotspot without removing the Vagrant IP, but I need to put it back some minutes later to start working.
So, the question is: is there a way to configure a virtual interface or a VPN interface that points to the Vagrant VM but does not block my network as I describe above?
When I was using Linux, I just put the Vagrant IP in resolv.conf and had no headaches, but as macOS does not have resolv.conf like Linux, I could not find an easy way to deal with these problems.

VMware Workstation External Accessibility Issue

I'm running Windows Server 2012 w/ VMware Workstation. I've built a GitLab VM on CentOS 7 that's totally set up and accessible on my local network. It's configured using Bridged Mode so it has its own IP from the DHCP Server.
I use No-IP to connect to my Network externally which has been working great for several years now. I have port-forwarding setup within my router to forward traffic for the GitLab webUI to the GitLab VM, but it's not accessible externally. I even tried setting up the port forwarding to direct the traffic to the Windows Server and then setup internal port forwarding w/ netsh on the Windows Server to forward the traffic to the GitLab VM, making sure I opened the port on the Windows Firewall (even tried disabling it), but I still can't get to the GitLab VM externally. AFAIK running a VM w/ a Bridged adapter should essentially be like it is just another physical machine on the network.
Now, I am running IIS on the Windows Server, but when I specify a specific port using my public No-IP Domain, the router should detect the traffic on that port and forward it according to the rules that I have setup, correct? IIS shouldn't be interfering with any traffic on other ports with the external Domain.
I'm totally stumped on this one and searching around the web really hasn't helped much.
So it turns out that I did everything 100% correctly with setting up port forwarding right to the IP of the VM, but my workplace blocks just about every port except for 80 and 443. Tested connectivity from an AWS box and everything is accessible exactly as designed.
Now I just feel like an idiot, but hey, I figured it out.
