Comments
na...@gmail.com <na...@gmail.com> #2
ri...@cabestan-research.com <ri...@cabestan-research.com> #3
We need to communicate with third parties in a secure manner via VPN.
Third parties don't / will not configure VPN tunnels to external sites using internal IP addresses that make those IP addresses appear as if internal ... it's a BIG security concern.
If we cannot resolve this we will have to migrate off Google Cloud, and as Google are keen to onboard investment banks and financial clients this is a massive issue.
We are the first client trying to communicate with Morgan Stanley using Google VPN and this is a BLOCKER.
ge...@google.com <ge...@google.com> #4
Hi all, it's now possible to configure subnets in VPC networks that privately re-use public IP addresses. In other words, internal IP addresses can be public addresses, as long as they're not Google's public addresses:
When you re-use public IP addresses internally, they can be accessed from an "on-premises" network connected using Cloud VPN or Interconnect.
Please note that re-using a public IP address internally doesn't make that IP address routable on the internet. You can, however, assign a single external IP address to a VM's network interface. This address will be implemented using one-to-one NAT. You can assign more external IPs to the same interface by using protocol forwarding.
Description
The reason we like to route the GCE instance public IP address across the VPN tunnel is because our corporate network policy is to only allow interesting traffic from public IP addresses in order to avoid any conflicts with our internal IP addressing.
Currently, Google Cloud VPN supports routing packets only using internal IP.
It would be nice to have the feature of using a GCE instance's external IP when sending packets to the on-premises network over the Cloud VPN tunnel.