SSH from a specific network doesnot work

[Sandeep Balaji]

Hi,

I am not able to ssh to the compute engine instance from my office wifi.

But when I switch my to home network, it connects well.

gcloud compute ssh my-instance  

ssh: connect to host <ip-address> port 22: Connection timed out

ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].

gcloud -v

Google Cloud SDK 195.0.0

alpha 2018.03.23

beta 2018.03.23

bq 2.0.30

core 2018.03.23

gsutil 4.29

Thanks,

Sandeep CB

[Dinesh (Google Platform Support)]

Hi Sandeep, 

First please note that the Google Group is intended for general product-related discussions and service status, not for the troubleshooting. You can use the Community Support Overview to figure out which of our support platforms is better suited for your question. Server fault is likely to be a good fit.

As you can SSH from your home network successfully, this looks like your office network issue. Please check and confirm your local network firewall or proxy is not blocking your connection on port no 22. You may want to try following SSH command in verbose mode to view debug level logs to understand failure cause. Error code 255 is very generic and does not provide much information. 

"gcloud compute ssh USERNAME@InstanceName --ssh-flag="-v" --zone=ZoneName"

 Regards,

[Sandeep Balaji]

Hi Dinesh,

This is the error I am getting 

gcloud compute ssh username@instance --ssh-flag="-v" --zone=us-east1-b

OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016

debug1: Reading configuration data /home/username/.ssh/config

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug1: Connecting to ip-address [ip-address] port 22.

debug1: connect to address  ip-address port 22: Connection timed out

ssh: connect to host  ip-address port 22: Connection timed out

ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255]

It could be that instance is blocking this network 

I tried telnet from local to instance.

telnet instance-ip-address 22

Trying instance-ip-address..

telnet: Unable to connect to remote host: Connection timed out

Note : All ip-address mean actual ip-address of the instance. 

[Dinesh (Google Platform Support)]

Please check that GCP firewall[1] is not blocking this SSH connection? As you suggested in the first post that you can SSH from your home network, there could be a case that ingress firewall connection (for TCP:22) is allowed only for your home network IP ranges. 

You may want to try nmap port scanning[2] from your local machine to view open port on VM instance. 

Moreover, please make sure firewall on the instance(e.g. iptables) is allowing the ssh port. You can use interactive serial console[3] to disable the firewall on the VM, if required.  

If you still unable to resolves your issue, please provide me your project number, instance name in a private message. 

[1]: https://cloud.google.com/vpc/docs/firewalls

[2]: https://nmap.org/book/man-port-scanning-techniques.html

[3]: https://cloud.google.com/compute/docs/instances/interacting-with-serial-console