Can't open port at GCP Firewall

Question

I've installed cPanel on CentOS7 VM by using following commands:

sudo su root
clear
yum -y install perl
hostname vps.DOMAINNAME
cd /home 
curl -o latest -L https://securedownloads.cpanel.net/latest 
sh latest

Then I've got Network Manager error: NetworkManager is installed and running. Hence, I disabled Network Manager using following command.

systemctl stop NetworkManager.service
systemctl disable NetworkManager.service

Then I reinstalled cPanel using following command:

curl -o latest -L https://securedownloads.cpanel.net/latest
sh latest

Then, after installing cPanel, I've got some url https://SERVERIP:PORT, but click on this url gave me ERR_CONNECTION_TIMED_OUT.

So, I decided to open ports on the Firewall by creating a rule:

Name : allroute
Logs: On 
Network : Default
Priority: 1000
Direction : Ingress
Action on match : Allow
Targets : All instances in the network
Source filter : IP ranges
Source IP ranges : 0.0.0.0/0
Second Source filter : None
Protocal and ports : Specified protocals and ports 
tcp : 1-65535
udp : 1-65535

Unfortunately, it didn't work. Please help me to solve this issue. Thanks for your time and help.

Serhii Rohoza · Answer 1 · 2020-03-06T09:00:47.787

0

To open HTTPS access to your VM I'd recommend you go to Compute Engine -> VM instances -> click on NAME_OF_YOUR_VM_INSTANCE -> click on EDIT -> go to section Firewalls and select Allow HTTPS traffic and after that pres Save button.

I do not recommend open access to all ports tcp : 1-65535and udp : 1-65535 at All instances in the network. To make your rule working you should change Priority like it described in the documentation Creating firewall rules:

Specify the Priority of the rule. The lower the number, the higher the priority.

To override Pre-populated rules in the default network you should use lower Priority than have existing rules.

In addition, have a look at the documentation Configuring network tags:

Network tags are text attributes you can add to Compute Engine virtual machine (VM) instances. Tags allow you to make firewall rules and routes applicable to specific VM instances.

Also, you don't need to use dedicated firewall on your instances because they've already protected by GCP Firewall.

edited Mar 06 '20 at 09:00

answered Mar 06 '20 at 08:34

Serhii Rohoza

1,424
2
5
15

Hey @SerhiiRohoza I've opened HTTPS access but still its not working. – Maqsud Inamdar Mar 06 '20 at 09:41
Have you configured SSL certificates to use HTTPS? If not, try to open HTTP by selecting `Allow HTTP traffic` and check `http://SERVERIP:PORT`. – Serhii Rohoza Mar 06 '20 at 09:44
I have allowed both HTTP and HTTPS but still it is not working. I tried HTTP as well it is not working. – Maqsud Inamdar Mar 06 '20 at 09:45
1. Check if you have access to `http://SERVERIP` and `https://SERVERIP`. You should see some welcome page of your web server. 2. Check your web sever from VM `curl -I -L http://SERVERIP` and `curl -I -L https://SERVERIP`. – Serhii Rohoza Mar 06 '20 at 09:51
Do you still have an error? – Serhii Rohoza Mar 07 '20 at 14:12

Can't open port at GCP Firewall

1 Answers1