Reputation: 15
Google cloud virtual instance cannot ping my Mac (checked firewalls)
I have a virtual machine instance running on Google Cloud Compute Engine — a preemptible free-tier CPU running Ubuntu 17.04. The end goal is to connect it to a MongoDB running on my local machine, a 2015 Macbook Pro (OS 10.12.6). But first, I've been trying to ensure the VM can reach my Mac via ping.
- Running
ping <VM's external IP>from my Mac works. pinging my Mac from another Mac on the same wifi network works.- Running
ping <Mac's IP>from the VM via the browser terminal does not work.
I've disabled my Mac's firewall. I've also configured my VM's firewall rules to allow all inbound and outbound traffic, to no avail:
ingress firewall rules, egress firewall rules
How might I get this instance to ping my Mac successfully?
Upvotes: 0
Views: 623
Answers (1)
Reputation: 9721
Does your Mac's IP address begin with 10., 192.168., or between 172.16. and 172.32.? These are private addresses only reachable within your Mac's local network, which is (part of) why GCE cannot reach your VM.
This is part of a very common configuration. An ISP only allocates one (or a small number) of IP addresses to your home or business. A router on the network performs NAT to share that IP addess between computers on the local network, which instead use private IP addresses for themselves. As the router doesn't know what to do with the inbound MongoDB traffic, it blocks it.
There are two common ways around this that are usually found in your router settings:
- "port forwarding" where you tell the traffic to forward all traffic on port 1234 to your Mac. This can get MongoDB working, but not ping.
- If you have whole extra IP addresses, "DMZ" where your router directly forwards an entire extra IP to your instance. If you have only one IP address this is not an option as that IP is needed to be shared for other devices on the Wifi.
You likely also have a firewall on the router. If you use a DMZ or port-forwarding you must make sure that firewall allows traffic through too.
That said, I'm not sure that this is a sensible thing to do. Opening up your local network to the internet can create major security issues, plus it is likely unreliable more expensive (free tier only provides 1GB egress/month, your db traffic could exceed this).
Actually running MongoDB on instances within GCE is almost certainly a better option in every regard for you.
Upvotes: 1
Related Questions
- Why am I Unable to Access a Google Compute Engine VM?
- Google cloud VM ports won't open
- why can't I ping the external IP address of my Google Compute Engine instance?
- Cannot ssh to Google Cloud VM Instance
- Gcloud instance can't ping another one
- Can't access the Google Compute VM by any port except 22
- Google - Compute Engine VM - cannot bind to internal IP
- Cannot access, ping and remote google cloud (Change Ip Address Protocol)
- Google compute engine static IP can't ping issue
- Cannot ping ubuntu VM from mac os