VM with public IP route to Cloud VPN

We recently have a requirement wherein a VM with public and private VM will pass through Cloud VPN going to endpoint. The public IP of the VM should advertise on the endpoint instead of the private IP. Is this possible with Google Cloud Platform?

Because usually when you pass through VPN the private IP is being advertised in the endpoint.

We ask this question as we have a request wherein we have to use a Non-RFC 1918 IP address passing thru site to site VPN.

Thank you

1 ACCEPTED SOLUTION

Hi @rvenus ,


@rvenus wrote:

We recently have a requirement wherein a VM with public and private VM will pass through Cloud VPN going to endpoint. The public IP of the VM should advertise on the endpoint instead of the private IP. Is this possible with Google Cloud Platform?


Normally, when you set up a VPN in Google Cloud, it tells the other end about the private IP of your virtual machine. But if you want it to share the public IP instead, you'll have to do some extra steps, like using a Network Address Translation (NAT) solution.

In typical VPN configurations, the private IP address is commonly advertised at the endpoint. However, your specific request involves using a Non-RFC 1918 IP address when passing through a site-to-site VPN.

To achieve this, you may need to employ a combination of features such as Cloud NAT and necessary routing configuration.

Hope this answers your question.

5 REPLIES

Thank you for your reply. We found out that you can add and route a different CIDR block in a single Google Cloud VPC, which is not possible on other cloud providers. This feature resolves our issue of assigning another subnet CIDR block that is non-RFC 1918.

Hi,

Can you provide more details about this? How did you perform the tunnel using public IP?

And are the VMs accessible using public IP over the tunnel?

Thanks in advance

Hello @rvenus, thanks for this feedback. Please can you share more details as to how you managed to achieve this? I'm currently stuck in a similar situation.

Thanks

Can you specify the route and the next hop you added? We have this kind of request too: Classic VPN with a VPN tunnel, and they only accept public IP.