VPN connection client to google cloud instances

[Malak Haydar]

Hello,

How i can create a VPN client-to- site connection to Compute Engine and Cloud SQL? Google Cloud VPN service supports only site-to-site connections? What can be the alternative solution?

Thank you!

[Cedric De Vroey]

You could setup a micro-instance and install openvpn on it. Hook a fixed external ip to the machine. Voila, you now have a working vpn-server.

Op dinsdag 12 juli 2016 17:01:43 UTC+2 schreef Malak Haydar:

[Mani Gandham]

Previously asked question: 

https://groups.google.com/forum/#!topic/gce-discussion/6Azm-yr2x7Y

That's correct. Cloud VPN only supports IPsec gateway-to-gateway scenarios. For client-to-gateway (road warrior) scenarios, you can install and configure an IPSec VPN software, like Strongswan on a GCE VM and configure it for remote access. Using a VPN client users can connect to this VPN server and, after a secure tunnel established they can connect to all other VMs which are deployed inside the same network. In this case, the other VMs won't need to have external IP addresses. However, you will need to setup a NAT gateway if the other VMs need to have access to internet. Configuring a NAT gateway is described in this article. The other option for road warrior scenarios can be using VPN over SSH.