0

I have a couple of applications running on Google App Engine (all standard environment). I would like to deny access to these services to all IP addresses except my own for the moment with a plan to successively whitelist others in the future.

I have managed to do this by whitelisting my public IPv6 address while denying all others. Since my IPv6 address is not static, I would like to provide my public IPv4 address instead but doing so does not work. In other words, replacing my IPv6 address by my IPv4 forbids me from reaching my application (403 Forbidden page).

What should I do to configure Google App Engine's Firewall rules to accept an IPv4 address?

user142389358902
  • 208
  • 1
  • 9

2 Answers2

1

GAE Firewall rules support both IPv4 & v6. The documentation says

In IP range, define the range of IP addresses that apply to the rule. The IP address range must be defined in CIDR notation, can include subnet masks, and support both IPv4 and IPv6.

Are you sure you have the right value for your IPv4? Did you enter it in the CIDR notation?

NoCommandLine
  • 5,044
  • 2
  • 4
  • 15
  • Both IPv4 and IPv6 addresses have been correctly provided in CIDR notation, that is not the issue. For testing purposes, I have disabled internet protocol TCP/IPv6 on my PC thus forcing it to communicate over IPv4 and I am now able to access my App Engine service by only whitelising my IPv4 address. However, changing network connection settings is not a viable solution to my issue. – user142389358902 Jul 03 '23 at 09:01
1

Addition to @NoCommandLine answer:

Google App Engine Firewall rules support both IPv4 and IPv6, and you can define the IP address range in CIDR notation.

When defining an IPv4 address in CIDR notation, you can specify the exact IP address with a /32 subnet mask. For example, if your IPv4 address is 203.0.113.1, you can enter it as 203.0.113.1/32 in the "Source IP range" field.

If you have correctly entered your IPv4 address in CIDR notation and are still encountering issues, you may want to check if there are any other firewall rules or network configurations that could be blocking the traffic. Additionally, you can try accessing your application from a different network or IP address to see if the issue is specific to your current IP address.

Reference: Understanding the App Engine Firewall

Chanpols
  • 1,184
  • 1
  • 3
  • 13
  • Following my reply to @NoCommandLine's answer, I believe my network configurations are set such that my PC communicates with an IPv6 address before communicating with an IPv4 address. That is why whitelisting my IPv4 address did not work but my IPv6 did. – user142389358902 Jul 03 '23 at 09:09