Google Cloud VPN
About Google Cloud VPN
Google Cloud VPN allows you to connect your existing infrastructure to Google Cloud Platform over the Internet or other public network in an authenticated, encrypted manner.
Google Compute Engine VPN securely connects your existing network to your Compute Engine network via an IPsec VPN connection. Traffic traveling between the two networks is encrypted by one VPN gateway, then decrypted by the other VPN gateway. This protects your data as it travels over the insecure Internet.
You can use Google Compute Engine VPN to connect two different Google Compute Engine networks or regions.
Compute Engine VPN only supports gateway-to-gateway scenarios. You must have a dedicated physical or virtual VPN gateway on the client side. Compute Engine VPN does not currently support client-to-gateway (road warrior) scenarios. In other words, it doesn’t work with client software on a laptop, only with full VPN gateway software.
Knowledge of Compute Engine networks, routes, and protocol forwarding is useful for understanding how your VPN gateway fits into your Compute Engine network.
VPN provides an SLA of 99.9% service availability.
Site-to-site VPN is supported. You can have multiple tunnels to a single VPN gateway.
Static routes, for managing traffic between your Compute Engine virtual machines and your existing infrastructure, are supported.
Both IKEv1 and IKEv2 are supported using a shared secret (IKE pre-shared key).
Compute Engine VPN uses ESP in Tunnel mode with authentication. AH and ESP in Transport mode are not supported.