I am trying to set up the GCP Firewall. My internal network is set up as a class A. We are working to rectify that but in the meantime, I am having trouble figuring out how I can allow our internal class A addresses without opening the firewall up for external too. I have a classic VPN set up from our internal network to GCP.
If you create a firewall rule allowing just the class A Private Address Range, you do not have to worry about public IP addresses.
You just need to create a firewall rule allowing the subnet 10.0.0.0/8.
It's a 1.x.x.x scheme. It's not in the class A private range.
Try researching here??
Reading here ... https://cloud.google.com/vpc/docs/firewalls#firewall_rule_components
I see that the firewall rules are defined on sources and targets. While we normally think of the sources and targets as IP address ranges (CIDR), they can also embrace other concepts such as network tags and account identities. The first thing I'd suggest is that we draw up a network topology diagram that we can look at and use as a reference on what we want to achieve.
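The two source ranges that come up in this thread, checked against a set of on-prem subnets, as an added example that is not part of any post above. The 1.2.x.x subnets are constructed stand-ins for the poster's 1.x.x.x scheme, and the function and variable names are hypothetical.

```python
import ipaddress

# RFC 1918 private blocks. Anything outside them is publicly routable space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: on-prem subnets reachable over the VPN (placeholders).
ONPREM_SUBNETS = ["1.2.0.0/24", "1.2.1.0/24", "1.2.8.0/22"]


def is_rfc1918(net):
    """True if the whole network sits inside one of the RFC 1918 blocks."""
    return any(net.subnet_of(block) for block in RFC1918)


def review_source_ranges(source_ranges, onprem_subnets):
    """Compare proposed firewall source ranges with the on-prem subnets.

    Returns:
      uncovered     - on-prem subnets that no proposed range would admit
      public_ranges - proposed ranges that lie outside RFC 1918 space
      suggested     - the smallest CIDR set that covers exactly the on-prem subnets
    """
    ranges = [ipaddress.ip_network(r) for r in source_ranges]
    subnets = [ipaddress.ip_network(s) for s in onprem_subnets]
    uncovered = [str(s) for s in subnets
                 if not any(s.subnet_of(r) for r in ranges)]
    public_ranges = [str(r) for r in ranges if not is_rfc1918(r)]
    # collapse_addresses merges adjacent and overlapping subnets.
    suggested = [str(n) for n in ipaddress.collapse_addresses(subnets)]
    return {"uncovered": uncovered,
            "public_ranges": public_ranges,
            "suggested": suggested}


if __name__ == "__main__":
    for proposal in (["10.0.0.0/8"], ["1.0.0.0/8"]):
        print(proposal, review_source_ranges(proposal, ONPREM_SUBNETS))
```

A range listed under `public_ranges` is not private address space, so the narrower `suggested` list is the safer value to use as the rule's source ranges.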