You have set up a Cloud VPN tunnel between your on-premises network and Google Cloud. The tunnel is configured but the traffic is not passing through. Which of the following is the most likely reason?
Check if the routes are properly set to send traffic through the VPN tunnel.
Even if the VPN tunnel is established, traffic will not flow unless routing is configured to direct traffic through the tunnel. The other options are less likely because the VPN service must be enabled to create the tunnel, and the protocol used is supported. Firewall blocking outbound traffic would prevent tunnel establishment.
Which encryption protocol does Google Cloud VPN use to secure data in transit between your on-premises network and Google Cloud?
Think about protocols designed specifically for network layer encryption.
Google Cloud VPN uses IPsec to encrypt data between your on-premises network and Google Cloud. SSL/TLS is used for web traffic security, SSH is for secure shell access, and FTP over TLS is for file transfers.
You configure an HA VPN gateway with two interfaces in Google Cloud. What happens if one interface fails?
Consider how high availability is designed to handle failures.
HA VPN gateways are designed with redundancy. If one interface fails, traffic automatically fails over to the other interface to maintain connectivity without manual intervention.
You want to configure a Cloud VPN tunnel using dynamic routing with BGP. Which of the following must you configure on the Google Cloud side?
Dynamic routing with BGP requires a routing component to exchange routes.
To use dynamic routing with BGP on Cloud VPN, you must create a Cloud Router and attach it to the VPN gateway. This allows automatic route exchange. Static routes do not support dynamic BGP, and enabling flow logs or ICMP rules does not configure routing.
You need to maximize throughput for your Cloud VPN connection between your data center and Google Cloud. Which approach is best?
Think about redundancy and parallelism to increase throughput.
HA VPN gateways support multiple tunnels and interfaces, allowing traffic to be spread across them to increase total throughput. Using a single tunnel limits bandwidth. Disabling encryption is not supported and reduces security. Routing type does not significantly affect throughput.