GoodAccess WebsiteRequest Free TrialDownload App

Google Cloud

This guide will show you how to connect your Google Cloud to the GoodAccess Gateway via a site-to-site connection using the IPsec protocol.

Step 1 - Creating a new cloud connection

Log in to the GoodAccess Control Panel, and go to Network > Clouds & Branches.

Click + Add new, enter the Cloud name and subnet, and select Gateway.

Choose IPSec Protocol, fill out the Settings configuration form, and click Save.

You may return to the configuration via the Edit button of your Cloud at any time.

Example of configuration (Default preset):

  • Cloud/Branch subnet - Subnet of your Google Cloud VPC network

  • Shared Secret - Create a new strong password

  • Public IP - IP of your Google Cloud VPN gateway

  • IKE Lifetime (Phase 1) - 8 hours (28800 seconds)

  • Tunnel Lifetime (Phase 2) - 1 hour (3600 seconds)

  • Dead Peer Detection Delay - 30 seconds

  • Encryption (Phase 1) - aes256

  • Encryption (Phase 2) - aes256

  • Integrity (Phase 1) - sha256

  • Integrity (Phase 2) - sha256

  • Diffie-Hellman Groups (Phase 1) - 16 - modp4096

  • Diffie-Hellman Groups (Phase 2) - 16 - modp4096

Step 2 - Creating a new VPN connection

Log in to Google Cloud console, and go to Network Connectivity > VPN, and click Create VPN Connection.

Select Classic VPN, and click Continue.

VPN gateway

  • Name - Give the VPN gateway a name

  • Network - Select default or a specific VPC

  • Region - Preferably the region in which your resources lie

  • IP address - Create an IP address

Tunnels

  • Name - Give the tunnel a name

  • Remote peer IP address - IP of your GoodAccess Gateway

  • IKE version - IKEv2

  • IKE pre-shared key - Shared Secret (Step 1)

  • Routing options - Route-based

  • Remote network IP ranges - Subnet of your GoodAccess Gateway

Click Done and then Create.

You have now successfully connected your Google Cloud resources to GoodAccess.

You may check the status of the connection in:

  • GoodAccess - Control Panel > Clouds & Branches > Edit button > Test connection

  • Google Cloud - Network Connectivity > VPN

Step 3 - Creating a new Firewall rule

Go to Network Security > Cloud NGFW > Firewall policies and click + Create Firewall Rule.

  • Name - Give the rule a name

  • Network - Select default or a specific VPC (should be the same as in Step 2)

  • Direction of traffic - Ingress

  • Action on match - Allow

  • Targets - Optional

  • Source filter - IPv4 ranges

  • Source IPv4 ranges - Subnet of your GoodAccess Gateway

  • Second source filter - None

  • Destination filter - IPv4 ranges

  • Destination IPv4 ranges - Subnet of your Google Cloud VPC network

  • Protocols and ports - Optional

Click Create.

PreviousAWSNextMicrosoft Azure

Last updated