1

I'm connected to a corporate network. I want to establish a VPN Tunnel Between my PC and GCP Cloud VPN. Can someone guide me related to this that what type of VPN should I use? I mean should I use HA VPN or Static VPN or Dynamic VPN and how? or an refer any video or website link. Help is appreciated. Peace!

Hassan
  • 101
  • 1
  • 1
  • 6
  • This configuration is strange. Why do you need this? – guillaume blaquiere Feb 17 '21 at 15:31
  • Your question is confusing. Edit your question and clarify what your current configuration is. Cloud VPN is a site-to-site VPN and not a remote access VPN. This means deploying a supported router in your home network. I use WireGuard which is easy to deploy to connect my desktop to GCP. Another option is OpenVPN. – John Hanley Feb 17 '21 at 19:05

1 Answers1

1

The VPN type could depend on what you need.

HA VPN:

HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your VPC network through an IPsec VPN connection in a single region. HA VPN provides an SLA of 99.99% service availability.

Classic VPN:

In contrast, Classic VPN gateways have a single interface, a single external IP address, and support tunnels that use dynamic (BGP) or static routing (policy-based or route-based). They provide an SLA of 99.9% service availability.

Dynamic routing

Dynamic routing uses a Cloud Router to automatically manage the exchange of routes by using BGP. A BGP interface on a Cloud Router in the same region as the corresponding Cloud VPN tunnel manages this exchange. The Cloud Router adds and removes routes without requiring that the tunnel be deleted and re-created.

Static routing

Classic VPN tunnels support policy-based and route-based static routing options. Consider a static routing option only if you cannot use dynamic (BGP) routing or HA VPN.

Policy-based routing. Local IP ranges (left side) and remote IP ranges (right side) are defined as part of the tunnel creation process.

Route-based VPN. When you use the Google Cloud Console to create a route-based VPN, you only specify a list of remote IP ranges. Those ranges are used only to create routes in your VPC network to peer resources.

Consider to be aware of traffic selectors recommendations Routing options and traffic selectors

However, by the time being the best option is to create an HA VPN gateway to a peer VPN gateway but this will require a Router located on on-premises. Classic VPN with static and dynamic routing will be deprecated on October 31, 2021. But you can create them following how-to-guides or following a different process using OpenVPN within your VPN.

cochitoo
  • 41
  • 3