GCE Firewall issue - Ports not opened after configuring firewall rules

Question

I am trialing the platform. I have successfully configured and setup a CENTOS v6 VM and then added whm/cpanel. I am experiencing some issues with the Firewall that I am sure are on Google Cloud side of things. I have read my eyes off and cannot seem to figure out what I am missing. Please lend a hand.

I have an external static IP address associated with the instance. 104.155.x.x . I can successfully SSH into the box with Putty. (SSH keys working a treat)\ I can successfully access port 80 and 443 using a web browser, however, I have added quite a few extra firewall rules and no traffic is passing to the instance. The only ones that are passing are the 3 that were configured by default on setup when creating the VM instance, SSH, HTTP and HTTPS. I then confirm this using a port scanner. Only 3 open ports as reported.

On the Console, I have created firewall rules on the defualt network, same place the ssh, http and https rules already existed.

(example) name: default-allow-2086 > source tag/Ip range 0.0.0.0/0 > allowed protocols tcp:2086

I have turned off the iptables service and can verify the firewall is not running on the VM.

I have a FQDN configured on CENTOS + whm/cPanel.

I have run both /scripts/configure_firewall_for_cpanel and /scripts/build_cpnat and verified the external IP was attached properly > 10.240.0.X => 104.155.X.X info [build_cpnat] 10.240.0.X => 104.155.X.X

I have verified One to One NAT is enabled on this external IP to the Local IP.

networkInterfaces":[{"accessConfigs":[{"externalIp":"104.155.x.x","type":"ONE_TO_ONE_NAT"}]

I cannot find any indication that the ports I have entered into the firewall are open, therefore no connection to any additional ports outside of 22,80,443.

Thanks in advance for the help.

Answer 1

In Web Console > Networks > Firewall rules, edit your RULE and remove TARGET TAGS and apply.

The