Google Cloud: add firewall rule to receive traffic from only certain IPs.


Sudhanshu Gaur

Nov 18, 2018, 12:38:06 PM
to Google App Engine
I am trying to add a firewall rule to allow traffic from certain IPs. I selected Source filter as IP ranges, and in Source IP ranges I am adding (My IP/32), but the thing is the rule is not allowing my IP to receive the traffic.

Can anyone please tell me what I am doing wrong?

Sudhanshu Gaur

Nov 19, 2018, 12:03:24 PM
to Google App Engine
Is there anyone?

Mohammad I (Cloud Platform Support)

Nov 19, 2018, 6:06:31 PM
to Google App Engine

Hello Sudhanshu,


If you are trying to create the firewall rules at the App Engine Standard Environment, please follow this documentation, and for the App Engine Flexible Environment follow the instructions outlined here. Select the appropriate runtime from the documents.


However, it appears that you are trying to create the firewall rules at the VPC network of Google Cloud Platform, as “Source filter” and “Source IP ranges” are part of the firewall rules of the VPC network of Google Cloud Platform. Please see the document “Using Firewall Rules” on how to create the firewall rules at the VPC network.


Please make sure you are trying to create the firewall rules at the right component of Google Cloud Platform and no conflicting rules have been used while creating the firewall rules.


If you still experience the issue, provide the steps you have taken to create the firewall rules (i.e. the tabs in the Console).



Sudhanshu Gaur

Nov 20, 2018, 4:53:46 AM
to Google App Engine
I am trying to add firewall rules for my compute engine instances, that's why I went to VPC network -> Firewall rules -> Create Firewall rule.

But it isn't working, please reply ASAP.

Md (Google Cloud Support)

Nov 20, 2018, 5:57:34 PM
to Google App Engine

Hello,


As far as I understand, you are trying to add a firewall at the VPC level in your project. You should be able to create that by following this help center article. Therefore, can you provide us a detailed description of the error message that you are encountering while creating the firewall rules? This will help us to understand the nature of the issue.


Sudhanshu Gaur

Nov 21, 2018, 5:13:02 AM
to Google App Engine
I am not getting any error, it's just my compute engine instances are not taking requests from my IP which I have added in the rules.

Md (Google Cloud Support)

Nov 21, 2018, 4:07:17 PM
to Google App Engine

I would suggest trying the following:


1. You can test to see if you are getting traffic from the IP by setting the rule to 0.0.0.0/0. If you see this is working, then you can restrict the firewall to only the IP you want to give access.


2. Firewall rules are defined at the network level, so make sure that you follow this document while creating the firewall rules to allow incoming traffic on ports. In step 11 of this document, choose "Specified protocols and ports" and enter values.


3. Review whether you have used a network tag or used "apply to all". If using network tags, you should be adding the tag on the VM too.


4. Also verify that the traffic is not being blocked at the OS level. You need to make sure there is no firewall running inside the VM blocking those connections.


5. Check to see if the port is open, closed or filtered, using nmap to view open ports inside the instance.

6. You also need to verify that the application running on your server is listening on a specific port. To check this, try this command.

sudo netstat -ntlp | grep LISTEN


In the output, if you don't see the application beside the port number, then check that your VM is correctly configured with the ports for your application.


It is important to mention that Google Groups are discussion forums, not a site to troubleshoot customer issues, so if you are still experiencing issues, you should post your question on Stack or Serverfault, where the community can help you to troubleshoot your issue.
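The checks in steps 1 to 3 above (source range, protocol and port, network tag) and the earlier note about conflicting rules can be run offline against an export of the rules. This is an added example, not part of the thread and not Google's code: the rule set is constructed, the field names follow the JSON printed by `gcloud compute firewall-rules list --format=json`, and the evaluator is a simplified model that assumes ingress rules scoped only by source ranges and target tags (no service accounts or source tags).

```python
import ipaddress

# Constructed rules in the shape of `gcloud compute firewall-rules list --format=json`.
SAMPLE_RULES = [
    {"name": "allow-my-ip-web", "direction": "INGRESS", "priority": 1000,
     "sourceRanges": ["203.0.113.7/32"], "targetTags": ["web"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["80", "8000-8080"]}]},
    {"name": "deny-db-ingress", "direction": "INGRESS", "priority": 900,
     "sourceRanges": ["0.0.0.0/0"], "targetTags": ["db"],
     "denied": [{"IPProtocol": "all"}]},
]

def _entry_matches(entry, proto, port):
    """True if one allowed/denied entry covers this protocol and port."""
    if entry["IPProtocol"] not in ("all", proto):
        return False
    ports = entry.get("ports")
    if not ports:  # no ports listed means every port of that protocol
        return True
    for spec in ports:
        lo, _, hi = spec.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def evaluate(rules, src_ip, proto, port, vm_tags):
    """Return (verdict, rule_name) for ingress traffic to a VM carrying vm_tags."""
    src = ipaddress.ip_address(src_ip)
    hits = []
    for r in rules:
        if r.get("direction", "INGRESS") != "INGRESS" or r.get("disabled"):
            continue
        tags = r.get("targetTags")
        if tags and not set(tags) & set(vm_tags):
            continue  # rule is tag-scoped and the VM lacks the tag
        nets = (ipaddress.ip_network(c, strict=False) for c in r.get("sourceRanges", []))
        if not any(src in n for n in nets):
            continue
        for action in ("denied", "allowed"):
            if any(_entry_matches(e, proto, port) for e in r.get(action, [])):
                hits.append((r.get("priority", 1000), action == "allowed", r["name"]))
    if not hits:
        return ("deny", "implied-deny-ingress")
    # Lowest priority number wins; at equal priority deny (False) sorts before allow.
    _, is_allow, name = min(hits)
    return ("allow" if is_allow else "deny", name)

if __name__ == "__main__":
    print(evaluate(SAMPLE_RULES, "203.0.113.7", "tcp", 80, ["web"]))
```

A verdict of `implied-deny-ingress` for a /32 rule that looks correct usually means the VM is missing the rule's target tag or the port is not listed in the rule.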

