For security concerns, needed to set GCP Compute Engine instance to not have External IP (external ip = None). In that case, it defaults to Identity Aware Proxy. IAP - to the same targets - does succeed from other machines, but not some in my data center.
Even after fully configuring gcloud logging in/authenticating and:
gcloud config set project $PROJECTNAME
gcloud config set compute/zone us-central1-c
then running: gcloud compute ssh $INSTANCENAME --tunnel-through-iap
Returns:
command-line: line 0: Bad configuration option: ProxyUseFdpass
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
Unclear whether this points to a ssh_config issue or something else, but this is not my area, so am a bit lost and not seeing other related things to this error. Any thoughts? The desired behavior is to not get the error on ProxyUseFdpass. And, for ssh to connect successfully.
I also ran gcloud compute ssh $INSTANCENAME --tunnel-through-iap --dry-run, and what gets returned match the results from successful places that connect.
Also, check if the "Private Google access" is turned-on for the subnet. This will allow the Google services to reach your VM. I had the same problem and turning on "Private Google access" solved the issue for me.