Opening Ping Access on Cloud Raya VM Public IP

How can we help?
< All Topics
Print

Opening Ping Access on Cloud Raya VM Public IP

CloudRaya implements an “allow some ports, and block the rest” policy on its firewall for the security of your VM’s network.

By default, the ports opened in the CloudRaya firewall are as follows:

Port Protocol Service Name
22 TCP SSH Port
3389 TCP Remote Desktop Protocol (RDP) Port
80 TCP HTTP Port
443 TCP HTTPS Port

This means that traffic from the ICMP protocol, which is necessary for ping to work, is also blocked.

This is done to make your VM’s public IP appear to be not attached to anything else. This can help protect you from potential attackers who may be trying to scan and exploit your public IP for malicious purposes.


If you have a specific goal or project that requires you to be able to ping your VM’s public IP, you can open the ICMP port by configuring it in the Access Control List (ACL) in the VPC menu.

Let’s see how easy it is to do so in the following sections.

 

Implementation

↳ On the main dashboard, access the VPC menu on the left side.

↳ Select the VPC network that you have created. If you do not have a VPC, please follow the VPC configuration tutorial to learn more about using VPCs in Cloud Raya.

↳ On the VPC Details page, scroll down to the subsection titled Access List. Select the profile that you attached to the VM that you want to open ping access for. Then, click “Action > View Rules“.

↳ On the Rules page, click “Create Rule“.

↳ In the dialog box that appears, enter the values as shown below.

  • Subnet: Select “Allow All” because we want all internet users to be able to ping our VM’s public IP.
    Or, if you want to customize the list of sources that can ping your VM, you can select a specific subnet from the dropdown list or select “Custom” and specify the desired IP list in the “Source CIDR” field.
  • Protocol: Select “ICMP”
  • ICMP Type: Enter the number 8.
  • ICMP Code: Enter the number 0.
  • Traffic Type: Select “Ingress” because ping is from the outside, to the inside of our VM.
  • Action: Select “Allow”.

If so, Click “Create Rule“.

↳ We can now see that if the IP Public of our VM was previously not pingable (Request timed out), it can now be pinged after we enabled the ICMP protocol.

 

Conclusion

Now we can ping the public IP of our VM. If your network security no longer requires the ability to ping the public IP of your VM, you can remove the ICMP protocol rule that we created earlier.

We hope this article can help you with your project development process. See our other articles on our knowledge base or blog pages. If you prefer to learn through streaming videos, please visit our YouTube channel for more tutorials.

Table of Contents

Comments are closed.

Ready, Set, Cloud

Ready, Set, Cloud