SSH Connection problem via Cloud Identity-Aware Proxy failed 4003

Hiya guys, I created a VM yesterday, and this morning I tried to access the SSH login and got an error saying:

Connection via Cloud Identity-Aware Proxy failed
Code: 4003
Reason: failed to connect to backend
Please ensure that:
- your user account has iap.tunnelInstances.accessViaIAP permission
- VM has a firewall rule that allows TCP ingress traffic from the IP range 35.235.240.0/20, port: 22
- you can make a proper https connection to the IAP for TCP hostname: tunnel cloudproxy app
You may be able to connect without using the Cloud Identity-Aware Proxy.

I tried to follow this FAQ of firewall rules and added port 22 and RDP 3389. Still not working.


Hi,

  1. Check if your FW is configured properly: the FW ingress rule should contain this IP range, 35.235.240.0/20, and port 22.
  2. Check whether you have the proper IAM permissions: IAP-secured Tunnel User assigned to your principal.
  3. Check whether this API is enabled: Cloud Identity-Aware Proxy API.

cheers,
DamianS
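
As an added example (not part of the original posts), check 1 above can be run offline against the JSON from `gcloud compute firewall-rules list --format=json`. The sample rules and network tags below are constructed, and the sketch assumes rules target instances by tag only (service-account targets are not handled).

```python
import ipaddress

IAP_RANGE = ipaddress.ip_network("35.235.240.0/20")  # source range named in the 4003 error

def _port_match(ports, port):
    if not ports:                      # no "ports" key: every port of that protocol
        return True
    for spec in ports:                 # entries look like "22" or "8000-9000"
        lo, _, hi = spec.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def _applies(rule, key, port, vm_tags):
    if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
        return False
    tags = rule.get("targetTags")
    if tags and not set(tags) & set(vm_tags):   # rule targets other instances
        return False
    nets = [ipaddress.ip_network(s, strict=False) for s in rule.get("sourceRanges", [])]
    nets = [n for n in nets if n.version == 4]
    # An allow must contain the whole IAP range; a deny matters if it overlaps at all.
    if key == "allowed":
        src_ok = any(IAP_RANGE.subnet_of(n) for n in nets)
    else:
        src_ok = any(IAP_RANGE.overlaps(n) for n in nets)
    return src_ok and any(
        e.get("IPProtocol") in ("tcp", "all") and _port_match(e.get("ports"), port)
        for e in rule.get(key, []))

def iap_ssh_verdict(rules, vm_tags=(), port=22):
    """Return (allowed, deciding_rule_name); (False, None) means implied deny."""
    hits = []
    for r in rules:
        for key in ("denied", "allowed"):
            if _applies(r, key, port, vm_tags):
                hits.append((int(r.get("priority", 1000)), key == "allowed", r["name"]))
    if not hits:
        return (False, None)
    # Lowest priority number wins; at equal priority a deny sorts before an allow.
    _, allowed, name = min(hits)
    return (allowed, name)

# Constructed sample rules (not taken from the thread).
OFFICE = {"name": "allow-ssh-office", "direction": "INGRESS", "priority": 1000,
          "sourceRanges": ["203.0.113.0/24"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]}
IAP = {"name": "allow-iap-ssh", "direction": "INGRESS", "priority": 1000, "targetTags": ["iap"],
       "sourceRanges": ["35.235.240.0/20"], "allowed": [{"IPProtocol": "tcp", "ports": ["22", "3389"]}]}
DENY = {"name": "deny-ssh", "direction": "INGRESS", "priority": 900,
        "sourceRanges": ["0.0.0.0/0"], "denied": [{"IPProtocol": "tcp", "ports": ["22"]}]}

if __name__ == "__main__":
    print(iap_ssh_verdict([OFFICE, IAP], vm_tags=["iap"]))
```

A passing verdict covers only the VPC firewall; a firewall inside the guest, such as UFW, is evaluated separately and can still drop the connection.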


Never mind, I found out that I didn’t add port 22 to UFW, so I decided to use the Serial Console and was able to add sudo ufw 22 and then reload; now SSH login is allowed again.

I’ve marked this thread as solved. I just solved the problem myself.


Hi Guys,

I tried to access the SSH login and got an error saying:

Connection via Cloud Identity-Aware Proxy failed
Code: 4003
Reason: failed to connect to backend
Please ensure that:
- your user account has iap.tunnelInstances.accessViaIAP permission
- VM has a firewall rule that allows TCP ingress traffic from the IP range 35.235.240.0/20, port: 22
- you can make a proper https connection to the IAP for TCP hostname: tunnel cloudproxy app
You may be able to connect without using the Cloud Identity-Aware Proxy.
