reset windows firewall without deleting instance - google-compute-engine

I accidentally messed up Windows Firewall of my VPS and now I can't connect using RDP anymore.
Is there a way to reset the firewall rules without deleting and creating a new instance? Already checked the FAQs and found nothing about it, same goes for the cloud shell. The firewall rules that I can see on the web manager seem different from my operating system firewall.

The best way is to use Google Cloud console.
Go to the Windows Instance
Edit the Instance and add the following key/value pair to Custom Metadata section
key is: windows-startup-script-cmd
value: netsh advfirewall set allprofiles state off
This resets the firewall to Off when booting and you can get back in with the RDP client as before.

Please open Cloud Shell on Google Cloud Platform web console.
Type: gcloud compute firewall-rules create openrdp --allow=tcp:3389
Try to connect your machine again.

Related

Google Compute Instance RDP Fails (after working for years)

Apologies if this is a bit basic:
I have a Google Compute Instance running Windows Server 2012 R2. It has a valid admin account and password (checked via gcloud). The external IP address can be pinged, the system has been stopped and started successfully. The gcloud commands execute successfully etc etc.
If I try to RDT in I get the unsuccessful message. If I use the RDT (Chrome) option in the Google Cloud Platform admin page I get this message:
In order to use the Chrome RDP Extension, you must configure VM
instance so that it has an external IP address, username and password.
Note: You must configure the network firewall to open TCP port 3389 to
enable RDP access.
Note that ALL of the above are correct and confirmed.
I am sort of going round in circles, I've tried to use powershell on a windows system to RDT in to no avail. Again, using the built in Bash serial access I can get to the system and, for example, retrieve the admin account and password, BUT RDT FAILS.
I have tried using the PowerShell command Enter-PSSession... and I initially got a winrm error, apparently the IP address needs to be in trustedhosts. Fixed that and now I am getting a message that I need to verify that winrm is running on the destination computer, catch 22, that's why I'm using winrm, to access the destination computer.
Any ideas what I might try next?
Thanks.....
Create an RDP network tag for a firewall rule which allows tcp:3389 ingress, and then apply it to the instance in question... someone (assuming you're at work) might have removed/edited these rules through the console or gcloud command.

Odoo on Google compute engine - refused to connect

I am fairly new to both google compute engine and Odoo. I have recently started a google compute engine with Ubuntu-16 installed. I have successfully followed instructions on Odoo website to install and start Odoo server. When I try to access my Odoo instance from another computer by going to
IP-address-of-server:8069
I find
ERR_CONNECTION_REFUSED
Following are the firewall rules for the instance. Please guide me on how to solve this problem. Please feel free to ask for any additional information.
You have multiple things to check to find out what exactly your problem is. Check whether the odoo service is working by entering systemctl status odoo-server
This should show whether your service is started (and enabled) or not. Check this then reply back.
Also, while accessing your odoo server, use http request instead of https.
Try if you can connect from the VM itself to Odoo. Log in to your VM with ssh and then use curl localhost:8069 or wget localhost:8069. If that's successful, it's a firewall issue.
If it is a firewall problem, add a rule similar to the default-allow-http, but for the port you need. Then add the tag of your rule to your VM instance. You can do this in Cloud console.

My google cloud instance lost network connectivity

My google cloud instance (10.128.0.3) lost network connectivity somewhere just after 0400 this AM. (I am running CentOS 6.10.) The network interfaces are up and have IP addresses. Unable to ping default gateway (10.128.0.1). Firewall rules (google and local) have not been changed/modified. This instance has been online for several years with no recent changes made. Any suggestions would be helpful and appreciated.
This is a known issue when updating to kernel 2.6.32-754 that is affecting both Red Hat and CentOS images, and seems related to this DHCP update. The Compute Engine team are already aware of this issue.
Meanwhile, and in addition to the great suggestions above, you may also use a startup script (add the default gateway IP address) to fix this issue, and then restart your instance. To do so without access to the instance, simply add a metadata entry for the instance with the name startup-script and the content of the below script (make sure to update the gateway to yours; it can be found in the VPC page):
#!/bin/bash
route add default gw [default_gateway_ip] eth0
For further information/updates about this issue, you may check this issue tracker link. https://issuetracker.google.com/issues/111154121

gcloud compute vpn-tunnels describe [NAME] doesn't show all details of a vpn-tunnel

Once you have a vpn tunnel up and running there does not appear to be a method to view all the details of the tunnel from either the Google Cloud Console or the gcloud command line. Specifically, the route policies that were configured when the tunnel was initially set up are missing from the describe.
Is there a method to see this information?
This is a known behavior. The Developers Console doesn't set the remoteTrafficSelector when creating the tunnels through it.
The Developers Console creates the necessary routes and shows the "Remote ranges" based on them.
The workaround is to create the VPN tunnels using the Compute API or Cloud SDK with the following command:
gcloud compute vpn-tunnels create NAME --region=REGION --peer-address=PEER_ADDRESS --shared-secret=SHARED_SECRET --target-vpn-gateway=TARGET_VPN_GATEWAY --local-traffic-selector=CIDR --remote-traffic-selector=CIDR
You can click on the star icon in the Public Issue Tracker to get updates when there is any progress on it.
Note: This doesn't have any impact on the VPN tunnel functionality.

SSH to Google Compute Engine Instance Failing

I created a simple f1 micro instance (Ubuntu 16.10) on Google Compute Engine. I had created a VPC (Networking) and allowed http/https. I explicitly created a Firewall rule to allow SSH (tcp:22). But I am not able to login to the VM instance.
I keep getting this error:
Here is my Firewall Rule:
How to fix this?
I was able to finally ssh into an instance by Choosing "Automatic" while creating a new VPC network instead of Custom and also chose allow ssh. This added default Firewall rules which were more accurate.
For anyone that runs into this problem I reached out to Google support by email (who responded!!) and they instructed me to run the following commands from terminal (where I have gcloud installed):
If you haven't yet authenticated / or to set the correct project
gcloud auth login
gcloud config set project PROJECT_ID
This is the meat of it - setting the firewall rules.
gcloud beta compute firewall-rules create default-allow-ssh --allow tcp:22 --priority=65534
Also - use chrome - the interface seems to occasionally throw a fit whenever you use any other browser.
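
Added example, not part of the original answers: the openrdp and default-allow-ssh commands on this page set no --source-ranges or --target-tags, so gcloud defaults the source to 0.0.0.0/0 and applies the rule to every instance in the network. This Python check flags such rules in JSON shaped like the output of gcloud compute firewall-rules list --format=json; the sample data is constructed, and the rdp-from-office and odoo-range rules, their tags and their ranges are hypothetical.

```python
import json

# Constructed sample shaped like `gcloud compute firewall-rules list --format=json`.
# "openrdp" and "default-allow-ssh" mirror the commands on this page; the other
# two rules, their tags and their ranges are hypothetical.
SAMPLE_RULES = json.loads("""[
 {"name": "openrdp", "direction": "INGRESS", "priority": 1000,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
 {"name": "default-allow-ssh", "direction": "INGRESS", "priority": 65534,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "rdp-from-office", "direction": "INGRESS", "targetTags": ["rdp"],
  "sourceRanges": ["203.0.113.0/24"], "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
 {"name": "odoo-range", "direction": "INGRESS", "targetTags": ["odoo"],
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["3000-9000"]}]}
]""")

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def covers(port_specs, port):
    """True if a rule's port list includes `port`; a missing list means all ports."""
    if not port_specs:
        return True
    for spec in port_specs:
        low, _, high = spec.partition("-")  # "3389" or a range such as "3000-9000"
        if int(low) <= port <= int(high or low):
            return True
    return False


def exposed_admin_rules(rules):
    """Return (rule, service, scope) for enabled ingress rules open to any source."""
    findings = []
    for rule in rules:
        if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
            continue
        if "0.0.0.0/0" not in rule.get("sourceRanges", []):
            continue
        # No target tags means the rule applies to every instance in the network.
        scope = ",".join(rule.get("targetTags", [])) or "all instances in the network"
        for allow in rule.get("allowed", []):
            if allow.get("IPProtocol") not in ("tcp", "all"):
                continue
            for port, service in ADMIN_PORTS.items():
                if covers(allow.get("ports"), port):
                    findings.append((rule["name"], service, scope))
    return findings
```

A rule created with both --source-ranges (your own address range) and --target-tags, like the constructed rdp-from-office entry, passes this check. The wide odoo-range entry is flagged because its port range happens to include 3389.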