Scribd Logo
Upload

Welcome to Scribd!

  • GCP VPN Tunnel Lab

    Uploaded by

    navin_net
    40 views3 pages

    Original Title

    GCP_VPN_Tunnel_lab

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    40 views3 pages

    GCP VPN Tunnel Lab

    Uploaded by

    navin_net

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Server 1 10.5.4.2 34.67.152.

    63
    Server 2 10.1.3.2 35.189.230.241

    gcloud config set project qwiklabs-gcp-00-40c792cf7c95


    gcloud compute ssh --zone us-central1-b server-1
    gcloud compute ssh --zone europe-west1-b server-2
    vpn2 static ip 35.241.214.146
    vpn1 static ip 35.188.86.138

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" target-vpn-gateways create


    "vpn-1" --region "us-central1" --network "vpn-network-1"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" forwarding-rules create


    "vpn-1-rule-esp" --region "us-central1" --address "35.188.86.138" --ip-protocol
    "ESP" --target-vpn-gateway "vpn-1"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" forwarding-rules create


    "vpn-1-rule-udp500" --region "us-central1" --address "35.188.86.138" --ip-protocol
    "UDP" --ports "500" --target-vpn-gateway "vpn-1"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" forwarding-rules create


    "vpn-1-rule-udp4500" --region "us-central1" --address "35.188.86.138" --ip-protocol
    "UDP" --ports "4500" --target-vpn-gateway "vpn-1"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" vpn-tunnels create


    "tunnelt1to2" --region "us-central1" --peer-address "35.241.214.146" --shared-
    secret "gcprocks" --ike-version "2" --local-traffic-selector "0.0.0.0/0" --target-
    vpn-gateway "vpn-1"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" routes create "tunnelt1to2-


    route-1" --network "vpn-network-1" --next-hop-vpn-tunnel "tunnelt1to2" --next-hop-
    vpn-tunnel-region "us-central1" --destination-range "10.1.3.0/24"
    ===============
    POST https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-
    40c792cf7c95/regions/us-central1/targetVpnGateways
    {
    "name": "vpn-1",
    "network": "projects/qwiklabs-gcp-00-40c792cf7c95/global/networks/vpn-network-1",
    "region": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-central1"
    }

    POST https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-
    40c792cf7c95/regions/us-central1/forwardingRules
    {
    "name": "vpn-1-rule-esp",
    "IPProtocol": "ESP",
    "IPAddress": "35.188.86.138",
    "region": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-central1",
    "target": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-
    central1/targetVpnGateways/vpn-1"
    }

    POST https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-
    40c792cf7c95/regions/us-central1/forwardingRules
    {
    "name": "vpn-1-rule-udp500",
    "IPProtocol": "UDP",
    "IPAddress": "35.188.86.138",
    "region": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-central1",
    "target": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-
    central1/targetVpnGateways/vpn-1",
    "portRange": "500"
    }

    POST https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-
    40c792cf7c95/regions/us-central1/forwardingRules
    {
    "name": "vpn-1-rule-udp4500",
    "IPProtocol": "UDP",
    "IPAddress": "35.188.86.138",
    "region": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-central1",
    "target": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-
    central1/targetVpnGateways/vpn-1",
    "portRange": "4500"
    }

    POST https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-
    40c792cf7c95/regions/us-central1/vpnTunnels
    {
    "kind": "compute#vpnTunnel",
    "name": "tunnelt1to2",
    "selfLink": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-
    central1/vpnTunnels/tunnelt1to2",
    "sharedSecret": "gcprocks",
    "peerIp": "35.241.214.146",
    "region": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-central1",
    "ikeVersion": 2,
    "targetVpnGateway": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-
    central1/targetVpnGateways/vpn-1",
    "localTrafficSelector": [
    "0.0.0.0/0"
    ],
    "remoteTrafficSelector": [
    "0.0.0.0/0"
    ]
    }

    POST https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-
    40c792cf7c95/global/routes
    {
    "kind": "compute#route",
    "name": "tunnelt1to2-route-1",
    "destRange": "10.1.3.0/24",
    "nextHopVpnTunnel": "projects/qwiklabs-gcp-00-40c792cf7c95/regions/us-
    central1/vpnTunnels/tunnelt1to2",
    "network": "projects/qwiklabs-gcp-00-40c792cf7c95/global/networks/vpn-network-1",
    "priority": 1000
    }

    ===========================
    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" target-vpn-gateways create
    "vpn-2" --region "europe-west1" --network "vpn-network-2"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" forwarding-rules create


    "vpn-2-rule-esp" --region "europe-west1" --address "35.241.214.146" --ip-protocol
    "ESP" --target-vpn-gateway "vpn-2"
    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" forwarding-rules create
    "vpn-2-rule-udp500" --region "europe-west1" --address "35.241.214.146" --ip-
    protocol "UDP" --ports "500" --target-vpn-gateway "vpn-2"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" forwarding-rules create


    "vpn-2-rule-udp4500" --region "europe-west1" --address "35.241.214.146" --ip-
    protocol "UDP" --ports "4500" --target-vpn-gateway "vpn-2"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" vpn-tunnels create


    "tunnelt2to1" --region "europe-west1" --peer-address "35.188.86.138" --shared-
    secret "gcprocks" --ike-version "2" --local-traffic-selector "0.0.0.0/0" --target-
    vpn-gateway "vpn-2"

    gcloud compute --project "qwiklabs-gcp-00-40c792cf7c95" routes create "tunnelt2to1-


    route-1" --network "vpn-network-2" --next-hop-vpn-tunnel "tunnelt2to1" --next-hop-
    vpn-tunnel-region "europe-west1" --destination-range "10.5.4.0/24"

    You might also like