GCE Firewall blocking port access inspite of setting “Allow” in firewall rules

0
votes

The GCE firewall doesn't let me telnet to the external IP port.. I always get an error Connection Refused. I'm able to ping.

I've a Google Compute Engine virtual machine setup for trial, and have an instance running on Windows Server 2016. I've disabled firewall in Windows after logging on to the said instance.. and I've setup firewall rules in the GCE setup pages, as per screenshot.

telnet 35.231.177.216 80 Connecting To 35.231.177.216...Could not open connection to the host, on port 80: Connect failed

Screenshot of the firewall rules

1
portgoogle-compute-enginefirewalltelnet
I got the answer myself. Some application has to be listening at that port for the telnet to work. I used a software called "port listener" in windows environment, to get a dummy listener. Then my telnet worked. Hope this helps.Sathish VM

1 Answers

0
votes

As best practice, is not recommended to open your firewall to all ports/protocols since you are exposing your resources all over the internet and that could be a security issue.

I would suggest you trying to follow some of these recommendations indicated in this document, that will make your infrastructure having a better security.

Regarding your test, it is forcibly to have a service running on the server that can open the port you want to reach, otherwise your connections will fail.