Reputation: 1
GCP Add VPN Tunnels from one Peer VPN Gateway to another Peer VPN Gateway appears impossible; only the source VPN Gateway is available in Peer list
Within one project, I created two VPC networks, one in region us-central1 and one in region us-east1. Each has subnet 10.0.x.0/24. I know I could use VPC peering to connect these two subnets, however my goal is to verify I can setup a HA VPN connection between these two VPC networks.
Foreach VPC network I created an HA VPN gateway, named for their respective region: "vpn-gateway-central" and "vpn-gateway-east"; each has two public IP's for HA. I created two (one per each VPC) cloud routers for BGP use.
I fail when I try to create the VPN tunnels. My expectation based on available online tutorials (that have an older GCP UI) is that I create the tunnels in both directions, just like non-cloud VPN tunnels. From the central to the east, I attempt to create the tunnel in the "central" VPC, and I expect its remote peer(s) will be the set of IP's from the "east" VPC.
The GCP UI does something unexpected: It has me "SELECT PROJECT", and then it populates a drop-down for the "VPN gateway name" from which I select the peer. In this case, I would expect to see a list of VPN gateways that DO NOT exist within the VPC network from which I am starting. Thus, if I am starting from the "central" VPC network, then I expect to see the "east" VPC network in the "VPN gateway name". However, all I see is the VPN gateway name within the "central" region. The initiator and the peer IP's cannot be the same, but that is the result of making the only selection offered in the listbox "VPN gateway name".
I clearly cannot create this tunnel. Is this a bug in the new UI? Is this a beta? This GCP console UI has definitely changed from the ones I see in the online tutorials - where it appears to work (it exposes the remote VPN gateways, as one would intuitively expect, not the ones resident to the VPC network from which I am creating the tunnel).
This is my first VPN within GCP, so I'm likely missing something. However, in any case, if it's not broken, then at least it appears confusing. I will appreciate clarification/trick/workaround.
link to the GCP "Add VPN tunnels" dialogue where the unexpected list of VPN gateway names appears
I added another pic that shows the dialogue.
Upvotes: 0
Views: 1444
Answers (1)
Reputation: 36
I didn't notice any issue regarding Cloud VPN from GCP.
To create a HA VPN between VPCs, this is the proper documentation. In case you cannot create via UI, you can try to create it via gcloud commands, and you'll get more information about the issue that could be happening.
I recommend to check this, follow the guide and paste here the output of the gcloud commands if it fails.
Upvotes: 1
Related Questions
- How to configure "client-to-site" VPN on GCP using OpenVPN?
- Cannot create a classic route based VPN tunnel with Terraform in GCP
- Implementing Vpc peering in GCP
- How can i make VPN Tunnel Between GCP Cloud VPN and my PC?
- Moving a VPN Tunnel from Project A to Project B - GCP
- How to access a network though peering in GCP-AWS vpn?
- GCE Linux VM Can't access peer VPN hosts
- In GCP share a VPN gateway with other projects
- GCP VPN tunnel as default gateway for Internet connection
- How to setup VPN from on-premises to Google Cloud VPC