- One of the most common
questions I've had since I've recorded my
WSL version two videos is "David, okay, so I've
got this virtual machine, "lightweight virtual
machine, such as Ubuntu "running within WSL version
two on a Windows 10 computer. "But how do I access that
virtual machine remotely? "It looks like the virtual
machine is using some random, "or weird IP address. "How do I actually connect "to that virtual machine remotely?" That's what I'm gonna
show you in this video. I'm gonna show you a simple
method to allow remote access to the virtual machine. And then I'll show you some
documentation on GitHub and some scripts that you
could use if you prefer, which allows this to be more automated. Okay, let's get started. (upbeat music) Now in this example, I'm doing everything on this Windows 10 laptop. WSL version two is enabled
on this Windows 10 laptop, running Windows 10 Home edition. I'm going to however control
that laptop using VNC. And I'll also show you
how I can connect directly to the virtual machine, the
Ubuntu virtual machine running within WSL version two on
that laptop from my Mac. Okay, so let's have a look at the documentation from Microsoft. They have a section in
the WSL documentation that discusses accessing
a WSL two distribution from your local area network or LAN. So when using WSL version one, if your computer was set up
to be accessed by your LAN, then applications that
run within WSL version one could be accessed from the LAN as well. So that's what a lot of people expected with WSL version two,
but that's not the case. So this isn't the default
case in WSL version two, it uses a virtualized, Ethernet adapter with its own unique IP address. Currently, to enable this workflow, you need to go through the
same steps as you would with a regular virtual machine. They are looking to improve this. They also don't support WSL distributions that only use IP version six addresses. So that once again has
caused a lot of confusion, but let me show you how
to get this working. So what I'll do here is
open up Windows terminal that runs PowerShell by default, but I can connect to
my Ubuntu installation. So as an example, if I
searched for Ubuntu here, you can see that I've got an Ubuntu app. I'm simply using Windows terminal to access that Ubuntu virtual machine. So in PowerShell, as an example, if I typed WSL dash L dash V, I can see that I've got
an Ubuntu virtual machine using WSL version two running
on my Windows 10 computer. My Windows 10 computer is a
Windows Home edition computer. You don't need Windows professional
to use WSL version two. Okay, let's have a look at the IP address. So I could use the command IP address to view the IP address
of this virtual machine. Now you may prefer to use grep. So rather than seeing all the information grep for Ethernet zero, this is the IP address of
the Ubuntu virtual machine running within WSL version two. That's different to my Windows computer. If I open up a command
prompt and type ipconfig, I can see the IP address of
my wireless network adapter on that Windows 10 computer. So this is the IP address of Windows, and this is the IP address of
the Ubuntu virtual machine. So I should be able to ping
the Ubuntu virtual machine from Windows, which I can, so I can ping it from
my local Windows host. That's the Windows 10 operating system running on the laptop, but on my Mac. So this is a terminal running on my Mac. I should be able to ping
the Windows computer. So 192,168,1,132. So that's the Windows computer, but I won't be able to
ping the Ubuntu host because I have no route to that network. Basically, the Ubuntu host
is connected virtually to the Windows host and the Windows host is
netting its IP address. So other hosts don't know
about the Ubuntu host, it's being netted by the Windows computer. So we gonna change that. On the Windows computer, I
can open up a Remote Desktop and I can connect to localhost port 3390, or I should be able to
connect to the IP address of that Ubuntu host. Just need to make sure
my IP address is correct. So 172.232.39.4. I should be able to
connect to that Ubuntu host and log in using Remote Desktop. So again, this is the Ubuntu host, but I can't access this device with this IP address from outside. As in, from a local area network, I can access it from my Windows computer because it's running
on my Windows computer. My Windows computer has knowledge
of that virtual machine. So if I go to control
panel, as an example, go to network internet,
network and sharing center. Look at my adapter settings. I can see this virtual network
interface called four WSL. And if I look at IP addresses, I can see that have an IP
address in the same subnet as the Ubuntu virtual machine. This is using a slash 20 mask. So 255.255.240.0. These two devices on the same, sub-net logically, there's a cable
from the Ubuntu virtual machine to the Windows operating system. And then Windows is connected
to the wireless network, but devices on my local area network, including my Mac, don't
know about this network. This network is not being advertised onto the local area network. So I need to do some kind of routing or do something to make this work. So at the moment, I can connect to the Ubuntu virtual machine
using Remote Desktop on Windows. But if I try and connect to 192.168.11.32, which is the Windows computer
using this port 3390. I'm not able to do that
because I'm not allowing connections from the wireless network through Windows to this virtual network, that's connected to the Ubuntu host. Okay, so that doesn't work. So what we need to do now is basically run a single command using netsh and we're gonna do a port
proxy of IP version four to IP version four. We are going to listen to port 3390. I configured the Ubuntu virtual machine to use port 3390 for XRDP. Have a look at this video if
you want to see how I did that. We are going to allow
connections to any IP address. Port that we're gonna connect to is 3390 on the Ubuntu host. Now, when you reboot your
PC, the IP address changes. So this is the IP address
that that virtual machine was using previously. I'm gonna change that to this IP address, which is the IP address
that the virtual machine is using at the moment. So I'm going to run power
shell as an administrator, allow it to make changes. And then I'm simply gonna
paste that command in to allow proxying from any
IP address on port 3390 to my internal host on port 3390. Okay, so let's test that. I'm gonna connect using
my Mac to 1921681132, port 3390, which is the IP
address of the Windows computer. Double click on that. And notice I get prompted to log in. So I'm going to put in my
username and my password. And what I've done now is connect to the Ubuntu virtual machine
running with WSL version two on that Windows 10 computer. So just to prove a point again, IP address, grep Ethernet zero. Notice this is the IP address
of my Ubuntu host running with WSL version two. I have connected from my Mac
through the Windows 10 laptop to the virtual machine
running with WSL version two. I'm connecting to the Ubuntu
virtual machine once again with WSL version two within Windows 10. The Windows 10 computers,
basically proxying the connection from the wireless network onto the WSL virtual network. So there you go. That's the command that you need. Now, in this case, I've
already set up firewall rules to permit that traffic. So if you haven't done
that, it may not work. So go to advanced settings in your windows defender firewall. Now, depending on how you've
configured your firewall, you'll need to allow traffic
through your firewall. So under inbound rules
create a new rule for a port. So TCP or UDP port and allow specific ports
like 3390 in my example. And I'm gonna allow that connection. And click next. And I'm gonna allow that for
all domains at the moment. You may want to restrict this and not allow public connections. I'll give it a name WSL
3390 and click finish. So I've created this rule, WSL 3390. So under protocols and ports,
you can see that that port has been allowed. The reason why it was working previously is I already had that port number listed under WSL two firewall unlock properties. That was a rule that was already
created to permit traffic. If it doesn't work in your case, then make sure that you've
enabled your firewall to allow the relevant
port number 3390, or 3389 whatever port numbers you
want to that virtual machine. That's okay, but what happens
if the IP address changes? You'll have to add this
command every single time the IP address changes. Now on GitHub, this issue is
documented under issue 4150. And here's a TCP workaround so someone's describing the
issue and then further down, someone created a script. So here's a bunch of explanation. And then here's a script
that someone created to allow certain ports
through the firewall. And this is why I had those
rules in my firewall rules because I ran the script while I edited the script and then run it. So you can create in that rules using this and add exceptions to your firewall rules using the script. Now, someone has updated this because this IF conflict command doesn't
work by default on Ubuntu. So further down here,
someone makes the point of using IP address rather
than using IF config. So do this rather than IF config. Another person Shane has
actually created WSL 2 hacks, and he's created an
application that automatically does this for you. Now, I haven't tested this, so I don't know how well it works. I've simply used manual configurations and the script that's
available here on GitHub. So the advantage of using the script is if your IP address changes, it will just automatically
update things so that you can still access your virtual machine. Now you use those scripts
at your own risk, obviously, if you're unsure, then
just use this netsh command to allow connections from
a specific port number to a specific IP address
and do that manually. Now, something else to
be aware of with regards to your firewall at the
moment, I can't ping google.com from my WSL Ubuntu virtual machine. And that's because my firewall
is blocking that traffic. So as an example, if I
turn off my firewall, I can ping google.com
from that virtual machine. Be careful with your firewall. Basically Windows has got this firewall that's either permitting
or denying traffic to your WSL virtual machine. So you've got to make sure that
you have the firewall rules set up to permit or deny traffic. Okay, I'm hoping this helps you, hoping that this has
answered the question of how to get remote access
to WSL virtual machines from your local area
network as an example. You basically have to set up a proxy to allow your Windows 10
computer to proxy connections from your wireless network
or your physical network onto the WSL version two network. I'm David Bombal. I want to wish you all the very best. (upbeat music)
