GCP, cloud, ~30 mins

Cloud VPN for hybrid connectivity in GCP - Mini Project: Build & Apply

Cloud VPN for hybrid connectivity
📖 Scenario: You work for a company that has an on-premises data center and wants to securely connect it to their Google Cloud environment. To do this, they want to set up a Cloud VPN tunnel that allows private communication between the two networks.
🎯 Goal: Build a Cloud VPN setup in Google Cloud Platform that connects a Virtual Private Cloud (VPC) network to an on-premises network using a VPN gateway and tunnel.
📋 What You'll Learn
Create a VPC network named hybrid-vpc with a subnet hybrid-subnet in region us-central1 with IP range 10.10.0.0/16.
Create a Cloud VPN gateway named hybrid-vpn-gateway in us-central1 attached to the hybrid-vpc network.
Create a VPN tunnel named hybrid-vpn-tunnel connecting the Cloud VPN gateway to the on-premises VPN gateway IP 203.0.113.1 using IKEv2 and shared secret mysecret123.
Configure the VPN tunnel to route traffic to the on-premises subnet 192.168.100.0/24.
💡 Why This Matters
🌍 Real World
Many companies use Cloud VPN to securely connect their existing on-premises networks to their cloud environments, enabling hybrid cloud architectures.
💼 Career
Understanding how to configure Cloud VPN is essential for cloud engineers and network administrators managing hybrid cloud connectivity.
Step 1: Create the VPC network and subnet
Create a VPC network called hybrid-vpc with a subnet named hybrid-subnet in region us-central1 with IP range 10.10.0.0/16 using gcloud commands.
Hint: Use gcloud compute networks create with --subnet-mode=custom to create the VPC. Then create the subnet with gcloud compute networks subnets create.

Step 2: Create the Cloud VPN gateway
Create a Cloud VPN gateway named hybrid-vpn-gateway in region us-central1 attached to the hybrid-vpc network using gcloud commands.
Hint: Use gcloud compute vpn-gateways create with the network and region flags.

Step 3: Create the VPN tunnel
Create a VPN tunnel named hybrid-vpn-tunnel connecting the Cloud VPN gateway hybrid-vpn-gateway to the on-premises VPN gateway IP 203.0.113.1 using IKEv2 and shared secret mysecret123 in region us-central1 with traffic selector for subnet 192.168.100.0/24.
Hint: Use gcloud compute vpn-tunnels create with the VPN gateway, peer address, IKE version, shared secret, and traffic selectors.

Step 4: Add route for on-premises subnet
Create a static route named route-to-onprem in the hybrid-vpc network that directs traffic to the on-premises subnet 192.168.100.0/24 through the VPN tunnel hybrid-vpn-tunnel.
Hint: Use gcloud compute routes create with the network, destination range, and next hop VPN tunnel details.
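
The four steps as one script, added here as an example and not the course's reference solution. By default it only prints the gcloud commands with the pre-shared key masked. It assumes a Classic VPN gateway (gcloud compute target-vpn-gateways, which also needs a reserved address and three forwarding rules), the hypothetical names hybrid-vpn-ip and VPN_PSK, and a randomly generated key in place of mysecret123.

```bash
#!/bin/sh
# Added example, not the course's solution. Dry run by default: prints the
# gcloud commands with the secret masked. Set APPLY=1 to execute them.
set -eu

REGION=us-central1 NET=hybrid-vpc SUBNET=hybrid-subnet
GW=hybrid-vpn-gateway TUN=hybrid-vpn-tunnel PEER_IP=203.0.113.1
LOCAL_CIDR=10.10.0.0/16 ONPREM_CIDR=192.168.100.0/24
GW_IP=hybrid-vpn-ip   # assumed name for the gateway's reserved address

# Execute the command, or print it with the pre-shared key masked.
run() {
  if [ "${APPLY:-0}" = 1 ]; then "$@"; return; fi
  printf '%s\n' "$*" | sed -E 's/(--shared-secret=)[^ ]+/\1****/'
}

# 32 bytes from the kernel CSPRNG, base64-encoded (44 characters).
gen_psk() { head -c 32 /dev/urandom | base64 | tr -d '\n'; }

build_vpn() {
  psk=$1
  # Step 1: custom-mode VPC and subnet
  run gcloud compute networks create "$NET" --subnet-mode=custom
  run gcloud compute networks subnets create "$SUBNET" --network="$NET" \
    --region="$REGION" --range="$LOCAL_CIDR"
  # Step 2: Classic VPN gateway, its address, and ESP / IKE / NAT-T forwarding
  run gcloud compute target-vpn-gateways create "$GW" --network="$NET" \
    --region="$REGION"
  run gcloud compute addresses create "$GW_IP" --region="$REGION"
  run gcloud compute forwarding-rules create "$GW-esp" --region="$REGION" \
    --ip-protocol=ESP --address="$GW_IP" --target-vpn-gateway="$GW"
  for port in 500 4500; do
    run gcloud compute forwarding-rules create "$GW-udp$port" \
      --region="$REGION" --ip-protocol=UDP --ports="$port" \
      --address="$GW_IP" --target-vpn-gateway="$GW"
  done
  # Step 3: IKEv2 tunnel limited to the two subnets
  run gcloud compute vpn-tunnels create "$TUN" --region="$REGION" \
    --target-vpn-gateway="$GW" --peer-address="$PEER_IP" --ike-version=2 \
    --shared-secret="$psk" --local-traffic-selector="$LOCAL_CIDR" \
    --remote-traffic-selector="$ONPREM_CIDR"
  # Step 4: static route to on-premises via the tunnel
  run gcloud compute routes create route-to-onprem --network="$NET" \
    --destination-range="$ONPREM_CIDR" --next-hop-vpn-tunnel="$TUN" \
    --next-hop-vpn-tunnel-region="$REGION"
}

# VPN_PSK (assumed variable) carries the key shared with the on-premises peer.
build_vpn "${VPN_PSK:-$(gen_psk)}"
```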