Update GCP Firewall for new UMVPN Addresses

Environment

Google Cloud Platform at U-M (GCP), VPN

Issue

Cannot connect to GCP Google Compute Engine instance after the UMVPN IP address space change on 3/18/2021

Resolution

If you utilize the “campus” firewall rules in GCP and access Google Compute Engine instances over the UM VPN, you may need to update them to allow the new VPN Network access.

  1. Go to https://console.cloud.google.com

  2. Select the project from the project picker (drop down menu in the blue bar across the top)

  3. From the hamburger menu (three horizontal bars) in the upper left corner, select VPC Network, Firewall (in the networking menu)

  4. Click on the ‘campus’ rule name - it should highlight like a URL (ie allow-campus-rdp)

  5. Click EDIT

  6. In the Source IP ranges section, append 35.7.0.0/18

  7. Click Save

  8. Repeat for the rest of the ‘campus’ rules - there should be one for SSH, RDP, and ICMP for each VPC (you may have two VPCs if you have a VPN back to campus)

Additional Information

Details

Article ID: 4701
Created
Tue 3/23/21 3:23 PM
Modified
Thu 3/25/21 10:44 AM