GCP-VM-instances-have-IP-Forwarding-enabled

Severity: Medium

Description: This control identifies VM instances that have IP Forwarding enabled. IP Forwarding could open unintended and undesirable communication paths, because it allows VM instances to send and receive packets with non-matching destination or source IPs. To enable the source and destination IP match check, disable IP Forwarding.

Remediation Steps:

Perform the following to disable IP forwarding:

  1. Log in to the GCP Portal at https://console.cloud.google.com.

  2. Go to Compute Engine (Left Panel).

  3. Go to VM instances.

  4. Click the CREATE INSTANCE button.

  5. Specify other instance parameters as you desire.

  6. Click Management, disk, networking, SSH keys.

  7. Click Networking.

  8. Click on the specific Network interfaces.

  9. Set IP forwarding to Off.

  10. Click on Done.

  11. Click on the Create button.

To delete a VM instance that has IP forwarding enabled:

  1. Log in to the GCP Portal.

  2. Go to Compute Engine (Left Panel).

  3. Go to VM instances.

  4. From the list of VMs, choose the reported VM.

  5. Click on the Delete button.

Important:

The IP forwarding setting of a GCP VM instance cannot be updated from the GCP console after the instance is created; the IP forwarding field becomes read-only. To fix this alert, new VM instances with IP forwarding disabled must be created.
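
The following is an added example, not part of the original control text: a way to list the instances this control reports so they can be recreated as described above. It assumes input in the shape of `gcloud compute instances list --format=json` (the `canIpForward` field of the instance resource); the instances, project name and addresses are constructed sample data.

```python
# Constructed sample shaped like `gcloud compute instances list --format=json`.
# For real input, save that command's output and load it with json.load().
P = "https://www.googleapis.com/compute/v1/projects/demo-project"
SAMPLE_INSTANCES = [
    {"name": "nat-gw-1", "canIpForward": True, "zone": P + "/zones/us-central1-a",
     "networkInterfaces": [{"network": P + "/global/networks/default",
                            "networkIP": "10.128.0.2",
                            "accessConfigs": [{"natIP": "203.0.113.10"}]}]},
    {"name": "web-1", "canIpForward": False, "zone": P + "/zones/us-central1-a",
     "networkInterfaces": [{"network": P + "/global/networks/default",
                            "networkIP": "10.128.0.3"}]},
    # No canIpForward key at all: treated as forwarding off (assumption).
    {"name": "batch-1", "zone": P + "/zones/us-central1-b",
     "networkInterfaces": [{"network": P + "/global/networks/default",
                            "networkIP": "10.128.0.4"}]},
    {"name": "vpn-1", "canIpForward": True, "zone": P + "/zones/europe-west1-b",
     "networkInterfaces": [{"network": P + "/global/networks/prod",
                            "networkIP": "10.132.0.2"}]},
]


def _last(url):
    """Return the final path segment of a resource URL (zone or network name)."""
    return url.rsplit("/", 1)[-1]


def find_ip_forwarding(instances):
    """Return one finding per instance whose canIpForward field is true."""
    findings = []
    for inst in instances:
        if inst.get("canIpForward") is not True:
            continue
        nics = inst.get("networkInterfaces", [])
        findings.append({
            "name": inst["name"],
            "zone": _last(inst.get("zone", "")),
            "networks": sorted({_last(n.get("network", "")) for n in nics}),
            "internal_ips": [n["networkIP"] for n in nics if "networkIP" in n],
            # External addresses are listed only to help order the remediation work.
            "external_ips": [a["natIP"] for n in nics
                             for a in n.get("accessConfigs", []) if "natIP" in a],
        })
    return sorted(findings, key=lambda f: (f["zone"], f["name"]))


if __name__ == "__main__":
    for f in find_ip_forwarding(SAMPLE_INSTANCES):
        print(f"{f['zone']}/{f['name']}: IP forwarding enabled, "
              f"networks={f['networks']} external={f['external_ips']}")
```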

Reference:

Blue Hexagon Proprietary