Hello Paul,
	
	
		
	
		No one will be locally connected to the server it will always be outside.  SIP / RTP for messages plus media.  Interesting you write iptables, 3 months ago iptables was not allowed on Google Cloud Instance and two days ago I see it install after updating the server.  I sent a support email and received the following:
	
	
		
	
		I asked a similar question in December 2017. 
	
	
		A decision was made to not use iptables for the Centos 7 Instance and configured Ingress/Egress within GCP. 
	
	
		Within the last five (5) months instances were created and deleted on purpose for testing but a week ago in creating a Centos 7 Server Instance and runnning yum -y update there was no installation of iptables.  In December 2017 the package did not exist for the Centos 7 image on GCP and decided to install it separately before finally just using the Firewall feature within GCP.
	
	
		Yesterday I noticed the image date of Centos 7 Server was 2.27.2018 but this time iptables appeared in the list of packages from running the command.  
	
	
		
	
		yum -y update
	
	
		
	
		 Installed: 
	
	
		
	
		kernel.x86_64 0:3.10.0-693.21.1.el7 Updated: google-cloud-sdk.noarch 0:192.0.0-1.el7 iptables.x86_64 0:1.4.21-18.3.el7_4 
	
	
		kernel-tools.x86_64 0:3.10.0-693.21.1.el7 kernel-tools-libs.x86_64 0:3.10.0-693.21.1.el7 libgcc.x86_64 0:4.8.5-16.el7_4.2 
	
	
		libgomp.x86_64 0:4.8.5-16.el7_4.2 libstdc++.x86_64 0:4.8.5-16.el7_4.2 libteam.x86_64 0:1.25-6.el7_4.3 python-perf.x86_64 0:3.10.0-693.21.1.el7 
	
	
		selinux-policy.noarch 0:3.13.1-166.el7_4.9 selinux-policy-targeted.noarch 0:3.13.1-166.el7_4.9 systemd.x86_64 0:219-42.el7_4.10 
	
	
		systemd-libs.x86_64 0:219-42.el7_4.10 systemd-sysv.x86_64 0:219-42.el7_4.10 teamd.x86_64 0:1.25-6.el7_4.3
	
	
		I will read the information from the sent link about iptables and nat gateway.  Yes the focus is security in and out of the instance.
	
	
		
	
		I will do as suggested and update this ticket shortly.
	
	
		
	
		Ed
	
	
		This worked this morning on an Instance created in December 2017 the one I created on March 13, 2018 it is not working.  Will update 🤘
	
	
		https://youtu.be/J8H2leO-0nk