0

I'm creating a google windows instance for which i need to enable SMB [File and Printer Sharing] 445 and 139 ports. I have created a firewall rule under "VPC Network" => Firewall rules

But still created windows instance does not have 445 or 139 port enable.

Firewall rule is as below:

"default-allow-smb Ingress Apply to all
IP ranges: 0.0.0.0/0 tcp:445,139 Allow 65534 default"

When I login to windows instance via RDP and check under "Control Panel" => System and Security => Windows Firewall => Advance Settings => Inbound Rules : "File and Printer Sharing" (SMB-in) shows DISABLED only.

Created google windows instance on google cloud console shows "default-allow-smb" firewall rule under network details. Firewall Rule is as below

Firewall Rule details

Srushti Trivedi
  • 11
  • 1

1 Answers1

1

Windows Environment inside your Google Compute Engine VM instance

I am using Windows Server 2019 Datacenter Server with Desktop Experience, x64 built on 20190910 Google Compute Engine VM instance

I used Microsoft documentation and followed the steps to open the firewall ports to enable file and printer sharing. Currently for me, File and Printer Sharing (SMB-In) is disabled. However, there is an "Enable Rule" button on the right-hand side that you can click on to enable the rule.

enter image description here

Then, it should enable the rule, just like it shows here:

enter image description here

As you can see Enabled field is set to Yes

enter image description here

Firewall Rules for your Google Compute Engine VM instance

If you would like to double check whether you properly set up your Firewall Rules, you could check How to open a specific port in Google Compute Engine or check the official Google Documentation for Firewall Rules

Community
  • 1
  • 1
sllopis
  • 2,292
  • 1
  • 8
  • 13
  • Thanks sllopis . I can do this manually like you mentioned to click on "Enable Rule" , but i want it to be enabled automatically by default when I create Google windows Instance with the firewall rule configured. – Srushti Trivedi Sep 19 '19 at 11:21
  • Oh I see, you can achieve this by using a [startup script for Windows instances](https://cloud.google.com/compute/docs/startupscript#providing_a_startup_script_for_windows_instances), which will perform automated tasks every time your instance boots up. Hope it helps you. – sllopis Sep 20 '19 at 10:23
  • @SrushtiTrivedi - PowerShell to enable firewall rule: https://learn.microsoft.com/en-us/powershell/module/netsecurity/enable-netfirewallrule – John Hanley Sep 21 '19 at 15:53
  • Thanks @sllopis and @John Hanley Adding Power Shell startup script with 'windows-startup-script-url' worked. ``` {'metadata': { 'items': [{ 'key': 'windows-startup-script-url', 'value': "gs:///enable_port.ps1" }] } – Srushti Trivedi Sep 23 '19 at 09:31
  • Hi Srushti Trivedi, could you accept the answer, so it can help the community locate it better? – asbovelw Sep 23 '19 at 11:57