How to set up port forwarding with IP forwarding to vagrant VB box

I'm using Debian on host as well as guest but for other distributions configuration should be  the same and commands should be similar. I'm considering only Virtual Box guests.

First we need to configure private network on vagrant guest by adding following lines to Vagrantfile:

 config.vm.network "private_network", ip: "192.168.1.2"



This way vagrant will create additional host-only network for this box.
On the host there should be new network interface called vboxnet0 with ip 192.168.1.1. You can always list network interfaces with:

ifconfig

 I'm also asuming public IP of the host is 85.85.85.85 and is connected to eth0. Check your configurtion with ifconfig and adjust accordingly.
On the guest there should be additional network interface called eth1. Check your specific configurtion with ifconfig and adjust accordingly:

vagrant ssh
sudo ifconfig

 The problem with default (dhcp) configuration of port forwarding in vagrant boxes is that guests don't see clients IPs but only IP of the host (10.0.2.1). This is undesired then I'm running website and want to track users by IP. To configure IP forwarding along with port forwarding on private network (host-only) run these commands on host:


echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -A PREROUTING -t nat -i eth0 -d 85.85.85.85 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2:80
iptables -A FORWARD -p tcp -d 192.168.1.2 --dport 80 -j ACCEPT

I'm asuming port 80 need to be forwarded byt any port can be given. On guest you need to issue this command to allow backwards communication:


vagrant ssh
sudo route add default gw 192.168.1.1 eth1

Newtork configuration of this example can be illustrated on following picture: