Cannot access Google Cloud Compute Instance External IP

C

10

21

I have set up an Google Cloud Compute Instance:

Machine type
- n1-standard-1 (1 vCPU, 3.75 GB memory)
CPU platform
- Intel Haswell
Zone
- us-east1-c

I can ssh in using the external address.

I have installed the vncserver and can access it on port 5901 from localhost as well as the internal IP.

I am trying to access it from the static, external IP address but it is not working.

I have configured the firewall to open to port to 0.0.0.0/0, but it is not reachable.

Can anyone help?

------after further investigation from the tips from the two answers (thanks, both!), I have a partial answer:

The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a ressponse from the service over the internet.

The summary of the current situation is as follows:

The external IP address can be reached
It is enabled and working for SSH
It is enabled and working for HTTP
It does not seem to allow traffic from vncserver

Any idea how to configure the compute instance to allow for vncserver traffic?

Charmainecharmane answered 14/10, 2016 at 19:22 Comment(5)

Forgot to mention, I can ping the external IP from a computer outside the Google Cloud network – Charmainecharmane 14/10, 2016 at 19:24

Can you paste your firewall settings here? Also, try to start a simple HTTP server with "python -m SimpleHTTPServer 80", try to access it from the internet. – Differentiable 14/10, 2016 at 19:42

The fire wall rules from the Google Cloude Network console are: > default-allow-icmp 0.0.0.0/0 icmp Apply to all targets default > default-allow-internal 10.128.0.0/9 tcp:0-65535, 2 more Apply to all targets default --default-allow-rdp 0.0.0.0/0 tcp:3389 Apply to all targets default --default-allow-ssh 0.0.0.0/0 tcp:22 Apply to all targets default --vnc-server 0.0.0.0/0 tcp:5901 vnc-server default – Charmainecharmane 14/10, 2016 at 20:1

and I started a simple HTTP server using "python -m SimpleHTTPServer 80". Can't access from the internet. – Charmainecharmane 14/10, 2016 at 20:11

// , This might sound nitpicky, but would you be willing to rephrase this as a question? It can really help out the noobs who might be coming to Stack Overflow for the first time. – Epistaxis 30/3, 2017 at 5:10

W

12

If you already verified that Google Firewall or your VM are not blocking packets, you must make sure that VNC service is configured to listen on the external IP address.

You can always use a utility like nmap outside Google project to reveal information on the port status.

Wilhelmina answered 14/10, 2016 at 19:58 Comment(4)

I ran netstat -antup....and see the following: . . Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:5902 0.0.0.0:* LISTEN 2634/Xtightvnc tcp 0 0 0.0.0.0:6002 0.0.0.0:* LISTEN 2634/Xtightvnc . . – Charmainecharmane 14/10, 2016 at 21:10

5902? The firewall is open for 5901? – Differentiable 14/10, 2016 at 21:22

I learned, just before posting the comment that vncserver changes the port depending on the display it assigned. It takes a range from 5900 - 5909, as I understand. I have update the firewall accordingly. – Charmainecharmane 15/10, 2016 at 7:19

// , This was the problem with our instance. Thanks for the tip, @Carlos. – Epistaxis 30/3, 2017 at 5:7

D

5

enable http/https traffic form the firewall as per the need. it will work!!

Doloroso answered 17/9, 2018 at 8:51 Comment(0)

B

2

In addition to having the firewall rules to allow HTTP traffic in both Google Cloud Platform and within the OS of the instance, make sure you install a web server such as Apache or Nginx.

After installing the web server, you connect to the instance using SSH and verify you do not get a failed connection with the following command:

$ sudo wget http://localhost

If the connection is positive, it means that you can access your external URL:

http://<IP-EXTERNAL-VM>

Backstroke answered 17/12, 2018 at 7:28 Comment(2)

I am getting the following error: Connecting to localhost|127.0.0.1|:80... failed: Connection refused I am using Container-optimized-OS. Can you suggest what might be wrong? – Job 17/9, 2019 at 18:49

You have to make sure that the port you are trying to access is open, otherwise you should open it: https://mcmap.net/q/660565/-how-to-access-google-cloud-engine-instance-39-s-ip-address-via-browser. It is a very common mistake regardless of what you want to display (OS, app server, etc), therefore, treat it as a generic problem and not something specific to Container-optimized-OS. – Backstroke 17/9, 2019 at 18:53

C

2

Create a new firewall rule to allow other port where you app is running. For me this thing works:

Go to the GCP Console.Go to firewall policies
Click Create firewall rule.
Enter a Name for the firewall rule. This name must be unique for the project.
Under “Targets”, select “All instances in the network”.
Under “Source IP ranges”, enter 0.0.0.0/0 to allow traffic from any IP address.
Under “Protocols and ports”, enter tcp:8080 to allow traffic on port 8080 (assuming your app listens on port 8080). Click “Create”.

now you can access your app with its IP. ex: IP:port

Committee answered 13/10, 2023 at 10:18 Comment(0)

C

1

The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a response from the service over the internet.

As such, the original question is answered, I can access Google Cloud Compute Instance External IP. My wider issue is still not solved, but I will post a new, more specific question about this issue

Charmainecharmane answered 15/10, 2016 at 8:59 Comment(0)

S

1

TLDR: make sure you are requesting http not https

In my case i was following the link from my CE instance's External Ip property which takes you directly to the https version and i didn't set up https, so that was causing the 'site not found' error.

Survivor answered 23/11, 2019 at 15:5 Comment(0)

C

1

Usually there are two main things to check.

1. Port

By default, only port 80, 443 and ICMP are exposed. If your server is running on a different port, create a record for the same.

2. Firewall

Make sure you are allowing http and https traffic based on your need. oua re

Carlow answered 27/5, 2020 at 12:19 Comment(0)

C

1

For me the problem was that I set up the traffic for the firewall rule to be 'Egress' instead of 'Ingress'.

Cruzcruzado answered 8/12, 2021 at 1:47 Comment(0)

S

0

Create an entry in your local ssh config file as below with mentioned local forward port. In my case its an example of yarn's IP, which I want to access in browser.

Host hadoop
     HostName <External-IP>
     User <Local-machine-username>
     IdentityFile ~/.ssh/<private-key-for-above-user>
     LocalForward 8089 <Internal-IP>:8088

Submissive answered 23/7, 2018 at 17:49 Comment(0)

D

0

If anyone already initiated 'https' just disable it and check again.

Dalury answered 15/2, 2022 at 9:23 Comment(1)

Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center. – Seraphim 15/2, 2022 at 12:46

Recommended topics

Hot tags