Google Cloud Error code 4003 indicates that the instance isn't listening on the port you're trying to connect to or the firewall is closed.
This can basically cause the start-up connectivity test to the VM instance to fail.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related Google Cloud queries.
In this context, we shall look into methods to fix this Google Cloud error.
In order to fix this error, we need to ensure that the listening process on the VM runs and listens on the correct port. Then, we verify if the Google Cloud firewall is configured correctly and open.
To configure Firewall rules in Google Cloud, do the following:
a) Conditions that require firewall ingress rule configuration
We need to create a firewall ingress rule to enable traffic from Filestore instances to your clients if:
b) Conditions that require firewall egress rule configuration
Suppose the VPC network we use has a firewall egress rule that blocks traffic to TCP ports 111, 2046, 2049, 2050, or 4045.
Now, follow the steps to create a firewall rule. This will enable traffic from Filestore instances.
1. Initially, we check the current port settings.
2. Then on the Firewall page in the Google Cloud Console, we click Create a firewall rule.
3. We enter a unique Name for it.
4. We specify the Network in which we implement the firewall rule.
5. Then we specify the Priority of the rule. If this rule will not conflict with any other rules, we leave the default of 1000. Otherwise, we set a lower value.
6. Choose Ingress for Direction of traffic and Allow for Action on the match.
7. For Targets, we take one of the following actions:
a) To allow traffic to all clients in the network from Filestore instances, we choose All instances in the network.
b) To allow traffic to specific clients, we choose Specified target tags. We can type the instance names of the clients in Target tags.
8. Leave the default value of IP ranges for the Source filter.
9. For Source IP ranges, we type the IP address ranges of the Filestore instances we want to allow access from. We must use CIDR notation.
10. We leave the default value None for the Second source filter.
11. For Protocols and ports, we choose Specified protocols and ports and then:
a) Select the tcp check box and enter 111,STATDOPTS,nlm_tcpport in the associated field, where:
b) (High Scale SSD only) Select the udp check box and enter the value of nlm_udpport, the udp port nlockmgr uses.
12. Finally, we select Create.
Use the following procedure to create a firewall rule to enable traffic to Filestore instances.
1. Initially, we go to the Firewall page in the Google Cloud Console.
2. Then click Create a firewall rule.
3. Here, we enter a unique Name for the firewall rule.
4. We specify the Network in which we want to implement the firewall rule.
5. Then we specify the Priority of the rule.
6. Choose Egress for Direction of traffic and Allow for Action on the match.
7. For Targets, take one of the following actions:
a. Like the above, to allow traffic from all clients in the network to Filestore instances, we choose All instances.
b. Then to allow traffic from specific clients to Filestore instances, we choose Specified target tags.
8. For Destination IP ranges, we type the IP address ranges of the Filestore instances we want to allow access to.
9. For Protocols and ports, choose Specified protocols and ports.
10. Then we select the tcp check box and enter 111,2046,2049,2050,4045 in the associated field.
11. Finally, we select Create.
This article covers methods to resolve the Google Cloud Error code 4003 for our customers. This issue can cause the start-up connectivity test to the VM instance to fail.
Therefore, Ensure that the listening process on the VM is running and listening on the correct port. Also, verify that your Google Cloud firewall is configured correctly and open on the port you're connecting to.