
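I have deployed an application server on a Linux VM instance. The application is running successfully and listening on port 3465.
I connect to the application on the VM instance from my local machine using the following IP and port:
IP address: the external IP of the VM instance
Port: 3465
1) I have added a firewall rule to open the port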
elon_musk@archway-146712:~$ gcloud compute firewall-rules list
NAME NETWORK DIRECTION PRIORITY ALLOW DENY
<firewall-rule> default INGRESS 1000 tcp:3465
2) I tried adding a forwarding rule, but it did not work
elon_musk@archway-146712:~$ gcloud compute target-instances list
NAME ZONE INSTANCE NAT_POLICY
<ti-name> asia-south1-a <instance-name> NO_NAT
elon_musk@archway-146712:~$ gcloud compute forwarding-rules list
NAME REGION IP_ADDRESS IP_PROTOCOL TARGET
<fr-name> asia-south1 xx.xxx.148.135 TCP asia-south1-a/targetInstances/<ti-name>
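Note: when I created the forwarding rule, it automatically used an IP address other than the VM instance's external IP. So the question again is: should I use the forwarding rule's IP address or the VM instance's external IP?
Here is the iptables configuration of the Linux VM instance: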
elon_musk@archway-146712:~$ sudo iptables -t filter -L -v
Chain INPUT (policy ACCEPT 2609 packets, 376K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION all -- any any anywhere anywhere
0 0 ACCEPT all -- any docker0 anywhere anywhere ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- any docker0 anywhere anywhere
0 0 ACCEPT all -- docker0 !docker0 anywhere anywhere
0 0 ACCEPT all -- docker0 docker0 anywhere anywhere
Chain OUTPUT (policy ACCEPT 2433 packets, 237K bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- any any anywhere anywhere