
Accessing SQL Instance by private IP through an IPSec Tunnel

Hello,

Actual configuration:

  • SQL Instance with private IP.
  • Private services access set up with an internal IP range, and VPC Network Peering also up for it, with custom routes enabled.
  • Up and running IPsec tunnel between GCP and my IPsec server.

The things I cannot figure out are the proper "rightsourceip" and the routing I should use to have access to the SQL instance through it.

I have extensively read the documentation, but it's very, very obscure for no reason, so any help is appreciated.

Thanks.

1 REPLY

Hi @Greg-Somelife ,

Welcome to Google Cloud Community!

It's critical to include the SQL instance subnet in your VPN tunnel if you're using a static routing VPN. For dynamic routing VPNs, ensure you advertise the SQL instance subnet in your BGP configuration. This is essential for proper connectivity to your SQL instance.

Finding the SQL Instance Subnet:

To find the SQL instance subnet within your VPC network, follow these steps:

  1. Navigate to your VPC network.
  2. Select the VPC network where your SQL instance is deployed.
  3. Click on Private Services Access.
  4. Locate the subnet with the connection name servicenetworking-googleapis-com.

Also, ensure that the Export Custom Routes option is enabled on the VPC network peering configuration. To verify this:

  1. Navigate to your VPC network.
  2. Click on the VPC network peering tab.
  3. Select servicenetworking-googleapis-com.
  4. Check the Exchange IPv4 Custom Routes option.

I hope the above information is helpful.
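
The two checks described in the reply, as an added example that is not part of the original thread or Google's tooling: given the ranges you read from the console, it reports whether the private services access range is inside the tunnel's subnets and whether return routes can reach the SQL network. The function name, parameters and all addresses are assumptions constructed for illustration.

```python
import ipaddress


def _covered(net, candidates):
    """True if net lies inside any candidate network of the same IP version."""
    return any(net.version == c.version and net.subnet_of(c) for c in candidates)


def check_sql_path(psa_ranges, tunnel_selectors, onprem_ranges,
                   vpc_routes_to_onprem, export_custom_routes):
    """Return a list of problems; an empty list means both directions are covered.

    psa_ranges           -- ranges allocated to private services access
    tunnel_selectors     -- GCP-side subnets the on-prem gateway sends into the tunnel
    onprem_ranges        -- networks behind the on-prem IPsec server
    vpc_routes_to_onprem -- VPC custom routes whose next hop is the VPN tunnel
    export_custom_routes -- peering setting on servicenetworking-googleapis-com
    """
    problems = []
    selectors = [ipaddress.ip_network(s) for s in tunnel_selectors]
    routes = [ipaddress.ip_network(r) for r in vpc_routes_to_onprem]

    # Forward path: the SQL range must be part of what the tunnel carries.
    for cidr in psa_ranges:
        net = ipaddress.ip_network(cidr)
        if not _covered(net, selectors):
            problems.append(f"{net}: not included in the tunnel's remote subnets")

    # Return path: the SQL network learns on-prem routes only through the
    # peering, so the route must exist in the VPC and be exported.
    if not export_custom_routes:
        problems.append("peering does not export custom routes to the SQL network")
    for cidr in onprem_ranges:
        net = ipaddress.ip_network(cidr)
        if not _covered(net, routes):
            problems.append(f"{net}: no VPC custom route via the tunnel to export")
    return problems


# Constructed sample values (not taken from the thread).
PSA = ["10.50.0.0/16"]          # private services access allocation
ONPREM = ["192.168.10.0/24"]    # network behind the IPsec server
# Tunnel only carries the VPC subnet and the peering export is off.
BROKEN = check_sql_path(PSA, ["10.10.0.0/24"], ONPREM, ONPREM, False)
# SQL range added to the tunnel and export enabled.
FIXED = check_sql_path(PSA, ["10.10.0.0/24", "10.50.0.0/16"], ONPREM, ONPREM, True)
```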