Networking 102Go to Lab
Had some issues with the NAT gateway. going to retry the lab again. There is an issue connecting back into privatnet-us-vm after taking off the eternal address. I had issues with the default keys. Not sure if it had to do with the bastion not having a private key. Which is unlikely since it worked before I took it off the network. Anyways, I just uploaded another key to the instance and placed the private key on the bastion hosts and fine. Actually both worked that time too. So weird.
There are a few places that use "INGRESS" when "EGRESS" is the accurate term.
I did not see the need to work with 2 projects at all. But the lab is very helpful. Thank you!
some deprecated syntax used and a typo in the egress/ingress discussion table
Another excellent networking tutorial - really learned a lot from this exercise. The NAT gateways exercise is a really useful way of segregating the network.
Learned a lot from this lab.
broken ssh to privatenet-us-vm results in perm denied
Typo in section “The Default Network”: “default-allow-all-ingress” should be replaced with “default-allow-all-egress”. Same typo in section “User-created networks” In section “Convert to a NAT gateway”, unlike indicated the instructions, these commands were successful before finishing the configuration of the bastion host “gsutil ls gs://gcp-next2017-security-bootcamp/README” and “gsutil cat gs://gcp-next2017-security-bootcamp/README”
Good lab forgot to add that the firewall rules are stateless meaning if you leave the ping running while creating and applying a deny rule. The new rule will not take effect unless you stop the ping and relaunch it again.