This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

OnPrem VPN to Cloud SQL with Private IP(not able to connect) Public IP(able to connect)

Posted on 10-31-2023 03:19 AM
anand-patel
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hi Team,

Facing issue while connecting to OnPrem VPN to GCP Cloud SQL. Cloud SQL PostgreSQL  instance having both Pubilc IP and Private IP enabled.

Enabled private service access and private path connectivity on cloud sql instance. created a VPN Gateway and VPN Tunnel in Cloud to connect OnPrem.

I am able to connect on Public IP from my On Prem Machine however not able to connect on my Private IP. 

CloudSQL_Proxy_VPN_img.png

 Any one, suggest any further network/ DB related changes I have to do.

1 3 1,075
Topic Labels
3 REPLIES 3

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @anand-patel ,

Via public IP adddress, yes, you should be able to connect to the instance using that public IP address from your on-premises machine. However, when you enable the private IP and set up a VPN connection between your on-premises network and GCP, you should also be able to connect to the Cloud SQL instance using its private IP address.

You might want to check your firewall rules and make sure there are no conflicting rules that might be blocking traffic to the private IP address. Also, it was not stated or included on your question if there is firewall rule allowing incoming traffic from your on-premises network to the private IP address of your Cloud SQL instance on port 5432 (or the specific port used by PostgreSQL).

You can also check the PostgreSQL pg_hba.conf file to make sure it allows connections from the private IP range of your on-premises network.

Posted on --/--/---- --:-- AM
anand-patel
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Thanks for update.

I have made a IPSEC VPN tunnel from on-premises to GCP and VPN Connection as well  in another Project N. 

Enabled VPC Peering between Project A and Project B but not working. Cloud sql proxy installed in another VM in Project A. 


Currently able to connect from Project A Cloud SQL Proxy VM to Project A Cloud SQL Instance using Private IP in GCP Env.

Trying to establish a network connection using IPSEC VPN tunnel from on-premises Server to Project N and its not working. Hence not able to connect DB from on-premises Server.

I do not want to make Public, my cloud SQL DB even during migration of data as well using DMS.

for updating pg_hba_conf - how can I connect Cloud SQL Instance in Project A having only private IP. Additionally,  Cloud SQL Instance is SSL Enabled hence not able to connect using cloud shell.

Any specific commands have to execute, if yes , from where. Please suggest.

Posted on --/--/---- --:-- AM
agi83
Silver 3
Silver 3
Reply posted on --/--/---- --:-- AM

Hi, 
Have you gone through all steps in this doc:

Thanks
Agnieszka

 

Top Labels in this Space
Top Solution Authors
View all