Metasploitable3 - nmap cant identify ElasticSearch

[enquire]

I'm working through the Metasploitable 3 vulnerabilities. One of the frequent ones I see mentioned is Elasticsearch on port 9200. I can't get nmap to identify that port as Elasticsearch. Even when I do a -A -sV --version-all (and a bunch of other noisy scans) the best it can do is say it's the default wap-wsp port.

So, I have 2 questions:

• Will Elasticsearch always be running on that port?
• Can anything be preventing nmap from identifying it on 9200?

I'm running through virtualbox - I've heard it can drop some packets when looking at wireshark, but I haven't heard whether the VM can affect the scan results.

 

(I've tried running the script_mvel_rce exploit blind... it copies the file but can't execute it).