Trouble with winrm over ssl on port 5986

[dcode]

I'm trying to run down using WinRM over SSL via vagrant in GCP. No matter what I do, when I run vagrant winrm -c "my_command", the WinRM communicator is set to connect to port 5985. It will try to use SSL if I specify that for the transport, but I can't get it to connect to TCP/5986.

Has anyone gotten this to work? Below I have a custom Win 10 Enterprise Eval, but I've had the same issue with the Google public 2016 server image.

Vagrant.configure("2") do |cfg|
  cfg.vm.box = "google/gce"

  # You can customize any of the winrm settings available in Vagrant
  # however, these are the required ones to work with default public Windows images
  cfg.vm.communicator = "winrm"
  # >>>>> Tried overriding here
  cfg.winrm.port = 5986
  cfg.winrm.transport = "negotiate"
  cfg.winrm.username = "vagrant"
  cfg.winrm.ssl_peer_verification = false

  cfg.vm.define :winbox do |winbox|
    winbox.vm.synced_folder ".", "/vagrant", disabled: true
    winbox.vm.provider :google do |google, override|
      google.google_project_id = "my-project-id"
      google.google_json_key_location = "~/.config/gcloud/my_creds.json"

      google.image_family = "windows-10-21h1-ent-x64"
      google.machine_type = "n2-standard-4"

      google.disk_size = "50"
      google.name = "winbox"

      # WinRM requires TCP/UDP 5985 and 5986 open
      # Add the following rules to Google Firewall Rules and assign the winrm tag
      # tcp:5986; tcp:5985 udp:5986; udp:5985
      # also need http-server and https-server tags set.
      google.tags = ["winrm", "http-server", "https-server"]

      google.on_host_maintenance = "TERMINATE"
      google.zone = "my-zone-1a"
      # >>>>>>>> Tried this too
      override.winrm.port = 5986
      # If you would like to override the default behavior, you can
      # use the following flag
      google.setup_winrm_password = true
    end
  end
end

[R3dy]

Try changing

cfg.winrm.transport = "negotiate"

to
cfg.winrm.transport = :ssl

That is working for me