Reputation: 2153
I know how to add firewalls to allow traffic, but I want to also block APNIC traffic as well. Is there a way to drop traffic from a subnet? I can't seem to come up with a set of rules that will do it.
Currently, my network has firewalls in place to allow traffic to the proper ports for my applications. Now I want to add rules to exclude a block of IPs from accessing my application.
What I have tried is creating a rule for a block of IPs, adding all TCP and UDP ports, then NOT adding any destination tags, thinking if it sees traffic from these subnets, but it has no destination, it will drop it. That doesn't seem to work.
Upvotes: 2
Views: 894
Reputation: 1967
By default, all the incoming traffic to your GCE network is blocked. You create firewall rules to allow the connection for an IP or range of IPs and the port. You can refer to the following article for more information: https://developers.google.com/compute/docs/networking#firewalls
Upvotes: 1
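Added example, not part of either post above: under the allow-only model the answer describes, one way to keep a subnet out is to compute the complement of the blocked ranges and use that as the source ranges of the allow rule. The CIDR blocks are constructed documentation ranges, not real APNIC allocations, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample input: documentation ranges standing in for the
# subnets to exclude (NOT real APNIC allocations).
BLOCKED = ["203.0.113.0/24", "198.51.100.0/24"]


def allowed_source_ranges(blocked, universe="0.0.0.0/0"):
    """Return the CIDR blocks that cover `universe` minus every blocked network."""
    remaining = [ipaddress.ip_network(universe)]
    for cidr in blocked:
        # strict parsing rejects entries with host bits set (e.g. 10.0.0.1/8)
        block = ipaddress.ip_network(cidr, strict=True)
        next_remaining = []
        for net in remaining:
            if not net.overlaps(block):
                next_remaining.append(net)      # untouched by this block
            elif net.subnet_of(block):
                continue                        # fully inside the block: drop
            else:
                # block sits strictly inside net: split net around it
                next_remaining.extend(net.address_exclude(block))
        remaining = next_remaining
    return sorted(ipaddress.collapse_addresses(remaining))


def is_allowed(ip, ranges):
    """True if `ip` falls inside one of the allowed source ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ranges)


if __name__ == "__main__":
    ranges = allowed_source_ranges(BLOCKED)
    # Comma-separated list, ready to paste as an allow rule's source ranges.
    print(",".join(str(n) for n in ranges))
    for probe in ("203.0.113.77", "198.51.100.9", "192.0.2.10"):
        print(probe, "allowed" if is_allowed(probe, ranges) else "not allowed")
```

Excluding one /24 from 0.0.0.0/0 already yields 24 source ranges, so the list grows quickly with each blocked subnet; check it against any per-rule limit on source ranges before relying on this approach.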