Can't connect SPICE/VNC to VM in Fedora Server 41

ofesad · February 19, 2025, 5:58am

Hi people. Ofesad here from Argentina.
I have my personal home server running fedora 41, working fine.
I wanted to run a VM with Ubuntu.
I created the VM, changed to UEFI, mounted the iso, installed. Everything is good.
Took note of the VM IP (virtual network), enabled ports (5900,5901) in both the server and the virtual network interface.

On my Windows 10 laptop: Installed virtviewer, added it to the firewall and allow’d it and launched it.
Try’d to connect to the ip (spice://192.168.122.118:5900 or spice://192.168.122.118:5901) Unable to connect to the graphics server

Changed the network config on the VM to direct, so it will conect directly to my network, tryd to connect: same.

Added ports to the VM firewall (ubuntu).
Same.

I am missing something for sure.

Please advice.

barryascott · February 19, 2025, 9:52am

The VM is on a NAT network. It can call out but you cannot call in.
Just like on a ipv4 home router.

What I do is add a bridge network device and configure my VMs to use the bridge. Now the VMs will get an ip address from your networks DHCP server. And you can use that address from your windows box.

vgaetera · February 19, 2025, 11:47am

Connecting to a SPICE/VNC display remotely requires the following:

Make it listen on all interfaces in the display settings.
Configure the ports statically if you have multiple VMs.
Add permissive firewall rules for the relevant ports.

Note that the service binds to the host interface, not the guest.

ofesad · February 19, 2025, 7:54pm

I did that too.
The sittuation is the same.

It gets an IP fron the router and I cant connect, same error.

Changed the network config of the VM:
model from virtio to e1000e and does the same.

Disabled the server firewall completely, same.

Clarely I am doing something wrong that I cant figure out.

Just to clarify: the VM can conect to the network (either bridge o direct) perfectly.

Ofesad.

ofesad · February 19, 2025, 9:56pm

Yup. Correct.

But I alredy try’d direct connection and bridge.
In both cases it gets an ip from my router (192.168.0.213), but still I am unable to connect.

Will do a tcpdump and disable the VM firewall and see whats happen

Ofesad

vgaetera · February 19, 2025, 10:00pm

To be clear, you need to connect to the LAN IP of your Fedora server.
It doesn’t matter how you configure network on the guests.
This works even if the guests don’t have any NIC.

If the issue persists, check the output on the Fedora server:

sudo firewall-cmd --get-active-zones
sudo firewall-cmd --list-all
sudo ss -lnpAinet | grep -e qemu
sudo virsh list --all
sudo virsh dumpxml VM --xpath //graphics

ofesad · February 21, 2025, 5:08am

sudo firewall-cmd --get-active-zones

FedoraServer (default)
  interfaces: enp5s0
libvirt
  interfaces: virbr0

sudo firewall-cmd --list-all

FedoraServer (default, active)
  target: default
  ingress-priority: 0
  egress-priority: 0
  icmp-block-inversion: no
  interfaces: enp5s0
  sources:
  services: Deluged Delugedadmin SFTPGo SPICE Scrapydweb cockpit dhcpv6-client mysql samba ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

sudo ss -lnpAinet | grep -e qemu

tcp   LISTEN 0      1                127.0.0.1:5900       0.0.0.0:*    users:(("qemu-system-x86",pid=4102,fd=40))
tcp   LISTEN 0      4096                 [::1]:5901          [::]:*    users:(("qemu-system-x86",pid=4102,fd=11))

sudo virsh list --all

 Id   Nombre                    Estado
--------------------------------------------
 1    ubuntu24.04-2025-2-21-B   running
 -    ubuntu24.04-2025-2-21     off

Sorry for the delay. Had to reinstall the entire server. The Raid1 nvme decided to fail. Probably due to me changing things to try to make this work lol.

ALSO, now I am trying to reinstall these VMs. It boots, shows the Ubuntu logo but it doesnt get into desktop or installer. ( mouse seems to show the X)

vgaetera · February 21, 2025, 11:54am

You missed the very first step:

Virtual Machine Manager > VM > Show virtual hardware details > Display Spice > Details > Spice Server > Address > All interfaces > Apply

ofesad · February 21, 2025, 1:16pm

Errmmm… No such option on Cockpit ?

vgaetera · February 21, 2025, 3:35pm

You can use Virtual Machine Manager or CLI:

export VM="ubuntu24.04-2025-2-21"
export LIBVIRT_DEFAULT_URI="qemu:///system"
export EDITOR="sed -i -e \"/listen/s/'127\.0\.0\.1'/'0.0.0.0'/\""
virsh shutdown ${VM}
virsh edit ${VM}
virsh start ${VM}
unset EDITOR

ofesad · February 21, 2025, 4:23pm

Nope. It remains the same.
It keeps giving the same error.

— UPDATE —

I can connect with VNC (tightvnc/tigervnc) to port 5900 and it works fine.

Topic		Replies	Views
Spice vm connection? Project Discussion workstation-wg	0	617	June 12, 2022
SSH and Virtualbox and Windows Ask Fedora f37 , virtualbox	7	1170	January 19, 2023
Gnomes boxes configuration to access a Virtual Machine over the network Project Discussion workstation-wg	2	847	June 6, 2021
SSH into virtual machine (gnome-boxes) Ask Fedora f35	10	5265	January 9, 2022
Cannot use WiFi on my QEMU VM? Ask Fedora	27	8429	September 8, 2021

Can't connect SPICE/VNC to VM in Fedora Server 41

Related topics