0
votes

I have a proxy server which accepts connections on port 3459. When I am trying to connect to it from my local computer, I am able to connect. To test I ran this command in terminal:

curl --proxy http://proxy_url:3459 --proxy-user user:password -L icanhazip.com

When I tried to run the same command in a GCP Compute Engine VM instance which lies in a non-default VPC (named testing-vpc), I was unable to connect to the proxy. I have created a firewall rule to open port 3459 with the following command:

gcloud compute firewall-rules create proxy-allow-egress-port3459 \
  --network testing-vpc \
  --action allow \
  --direction egress \
  --rules tcp:3459 \
  --destination-ranges 0.0.0.0/0 \
  --priority 10 \
  --target-tags testing-proxy

and attached the tag testing-proxy to my instance. Still, it's not working. Please let me know what I am missing here.

1
- Every VPC network has two implied firewall rules which permit outgoing connections and block incoming connections (however, GCP firewall rules are stateful, so bidirectional communication is allowed once a session is established). Creating a firewall rule to allow outgoing traffic isn’t required unless outbound access is restricted by a higher priority firewall rule. - ping-devops
- Just to ensure that the configuration was done correctly, could you check the following:
  - Have you already checked if traffic from the VM instance is allowed on the external proxy server on port 3459?
  - Is the VM instance able to send traffic to any other external hosts on the Internet?

  Also, is it possible to share a basic diagram showing the expected network path from the VM instance to the proxy server (showing the NAT gateway instance and any other components in between the source and destination)? - ping-devops
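
The rule selection described in the comments above, as an added example that is not part of the original thread and is not Google's code: a simplified Python model of how VPC firewall rules are chosen for a new TCP connection. It assumes every rule covers 0.0.0.0/0 and TCP only; the rules `deny-all-egress` and `deny-3459-egress` are hypothetical and do not come from the question.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    name: str
    direction: str                        # "EGRESS" or "INGRESS"
    action: str                           # "allow" or "deny"
    priority: int                         # 0-65535, lower number wins
    ports: frozenset = frozenset()        # empty = all TCP ports
    target_tags: frozenset = frozenset()  # empty = every instance in the VPC

# Implied rules that exist in every VPC network at the lowest priority.
IMPLIED = [
    Rule("implied-allow-egress", "EGRESS", "allow", 65535),
    Rule("implied-deny-ingress", "INGRESS", "deny", 65535),
]

def decide(rules, direction, port, vm_tags):
    """Return (action, rule name) for a NEW connection in the given direction.

    Return traffic of an established connection is not evaluated here:
    the firewall is stateful and lets it through.
    """
    matching = [r for r in list(rules) + IMPLIED
                if r.direction == direction
                and (not r.ports or port in r.ports)
                and (not r.target_tags or r.target_tags & vm_tags)]
    # Lowest priority number wins; at equal priority, deny beats allow.
    best = min(matching, key=lambda r: (r.priority, r.action != "deny"))
    return best.action, best.name

VM_TAGS = frozenset({"testing-proxy"})

# The rule created in the question.
QUESTION_RULE = Rule("proxy-allow-egress-port3459", "EGRESS", "allow", 10,
                     frozenset({3459}), frozenset({"testing-proxy"}))
# Constructed (hypothetical) rules used to show when the outcome changes.
DENY_ALL_EGRESS = Rule("deny-all-egress", "EGRESS", "deny", 1000)
DENY_3459_FIRST = Rule("deny-3459-egress", "EGRESS", "deny", 5,
                       frozenset({3459}))

if __name__ == "__main__":
    cases = {"no custom rules": [],
             "question rule only": [QUESTION_RULE],
             "plus deny-all at 1000": [QUESTION_RULE, DENY_ALL_EGRESS],
             "plus deny 3459 at 5": [QUESTION_RULE, DENY_3459_FIRST]}
    for label, rules in cases.items():
        print(label, "->", decide(rules, "EGRESS", 3459, VM_TAGS))
```

In this model the outbound connection to port 3459 is already allowed with no custom rules, so the `gcloud compute firewall-rules list --filter="network:testing-vpc"` output is worth checking only for a deny egress rule with a priority number below 10.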

1 Answer

1
votes

You are creating an egress (--direction egress) rule, whereas you need an ingress rule to permit connections inbound destined to the GCE instance.