Cannot connect to GCP Compute Engine Instance - Error while connecting [4003: 'failed to connect to backend']. (Failed to connect to port 22)
I'm facing a new issue where I'm unable to connect to my GCP Compute Engine instance for the past 2 days. I'd set up the VM, and the firewall rules including enabling IAP for TCP Tunneling about a week ago, and was able to SSH to my machine using this command fine up until 2 days ago.
gcloud compute ssh <vm-name> --zone=us-west1-b --quiet --tunnel-through-iap --project=<project-name>
Running the above command in my terminal issues this error:
ERROR: (gcloud.compute.start-iap-tunnel) Error while connecting [4003: 'failed to connect to backend']. (Failed to connect to port 22)
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
Here is the firewall rule I set up to enable the IAP TCP tunneling access
I can see that my VM instance is included in the "Applicable to instances" list.
I was also unable to connect via SSH to the instance using the in-built SSH tool. Here's a screenshot of the error:
According to this error, it seems that the access to VM is blocked by a firewall and I've made sure to set up the firewall correctly.
I've tried solutions outlined in these posts:
But I'm still unable to connect to my VM. I've also deleted and re-created the firewall rules a couple of times now to no avail.
What might be causing this? I'm new to GCP and networking concepts so if there's something I'm missing, please point me to the resources.
Appreciate your help, thanks a lot!
After multiple days (attempts) trying to figure out the cause of this issue, I looked through the logs of my VM, and found the error mentioned in this link
I decided to tear down the Compute Engine instance and the firewall rules I'd set, and created a new Compute Engine instance and re-created the firewall rules.
After doing this, I'm able to connect to the new VM without trouble.
- Terraform - GCP - Import project IAM member
- Getting random "User not found in file /etc/passwd" error on Cloud Run Job
- Change time format in GCP Logs Explorer
- Deploying to Cloud Run with a custom service account failed with iam.serviceaccounts.actAs error
- Deploying a pelican site to Google Cloud Run with Dockerfile not working
- Is there a good explanation of resource labels versus metric labels?
- Why do I set the resource type when writing the metric but not when creating a descriptor?
- google-github-actions/get-gke-credentials failed with: required "container.clusters.get" permission(s)
- GA4 Data Not Retained for More Than 60 Days Despite BigQuery Table Expiration Set to 'Never
- How to list all enabled API services for Google Cloud Platform project
- Google Cloud calendar API connection error
- Downloading a folder from cloud storage in GitHub action and move it inside a docker container is not working
- How to fix CloudRun error 'The request was aborted because there was no available instance'
- Google Cloud Build with Dockerfile and copy files
- Firebase CLI console: Cannot find module @google-cloud/tasks
- Does Cloud SQL have a query console or is CLI the only option?
- How to use Google Cloud Shell with the new Windows Terminal
- Why does GKE kubernetes cluster need a version?
- Unable to Read Mounted GCSFuse Directory After Adding --implicit-dirs Option
- Error: 10: Developer console is not set up correctly (Not Using Firebase) (One Tap sign-up)
- Connection between Private GKE and Cloud SQL
- Kubernetes cluster architecture
- Validating PubSub message against AVRO JSON schema with multiple union types
- Can i run cloud run jobs locally
- How to log SSL/TLS Handshake details on Google Cloud Load Balancer
- Utilizing Gemini: Through Vertex AI or through Google/generative-ai?
- How to use Puppeteer in 2nd gen Cloud Functions?
- GCP Logging: who created a Project?
- Connection broken: IncompleteRead in Google Cloud Run
- How do I query firestore data that is inside collections in said document?