Hi,

I am stuck in connecting to our backend services that are hosted outside of GCP and GKE. So far,

1. Firewall rules from the GCP project CIDR to those services have been configured
2. Pinging the IP addresses and resolve DNS for them from the node SSH session is working
3. Using nc command on the port 443 from the node SSH session is working
4. Testing the access to them by retrieving the WSDL file from the node SSH sessions is working
5. Pinging the IP addresses inside the runtime container is only resolving the IP and nothing else
6. Using nc command from the runtime containers is timing out
7. Testing the access to them by retrieving the WSDL from the runtime containers is failing
8. Testing the API Proxy is returning:

HTTP/1.1 504 Gateway Timeout
content-type: application/json
content-length: 252
x-envoy-upstream-service-time: 9659
date: Thu, 16 Jan 2020 23:05:33 GMT
server: istio-envoy
{"Envelope":{"encodingStyle":"http:\/\/schemas.xmlsoap.org\/soap\/encoding\/","Body":{"Fault":{"faultcode":"soap:Server","faultstring":"Gateway Timeout","faultactor":{},"detail":{"source":{"errorcode":"messaging.adaptors.http.flow.GatewayTimeout"}}}}}}

9. If the backend service (target) is hosted at Internet, the API proxy is working fine.