Establishing a Site to Site VPN with a Google Cloud server

Has anyone out there set up a SonicWall VPN with a Google Cloud server? It seems easy enough but we are not sure about the IP addressing. If someone could provide an example using fictitious IP addresses, that would be extremely helpful. Thanks.

Category: Mid Range Firewalls

Answers

  • Ajishlal Community Legend ✭✭✭✭✭

    @Corey716

    Initial Google Cloud Platform Configuration

    Create virtual private gateway

    Go to the Hybrid Connectivity in the Google Cloud Platform Console.

    Create VPN Gateway.

    Fill in the following details while creating the VPN gateway:

    Name

    Network

    Region

    IP Address

    Create a Tunnel

    Name

    Remote peer IP Address

    IKE Version: IKEv2

    IKE pre-shared key

    Routing options: Route-based

    Remote network IP ranges

    Select Done, then Create.


    Management Platform Configuration

    After entering the Management Platform, select the name of the network in which you want to set the tunnel under the Networks tab in the left menu.

    Locate the desired gateway, then select the three-dotted menu (...), Add Tunnel, and finally IPSec Site-2-Site Tunnel.

    Fill in the following information:

    Name

    Shared Secret

    Public IP

    Remote Gateway Proposal Subnets-Specified Subnets

    1. Fill in the Advanced Settings
      • IKE Version: V2
      • IKE Lifetime: 8h
      • Tunnel Lifetime: 1h
      • Dead Peer Detection Delay: 10s
      • Dead Peer Detection Timeout: 30s
      • Encryption (Phase 1): aes256
      • Encryption (Phase 2): aes256
      • Integrity (Phase 1): sha1
      • Integrity (Phase 2): sha1
      • Diffie-Hellman Groups (Phase 1): 2
      • Diffie-Hellman Groups (Phase 1): 2

    Configuring the Routing Rules to the VPC Network:

    Go to the VPC Network in the Google Cloud Platform Console. Under the left menu go to Routes.

    Select Create Route Rule and fill in the following information:

    Name

    Network

    Destination network IP range

    Priority

    Next Hop: Select Specify VPN Tunnel

    Next hop VPN tunnel: Select the VPN tunnel you created in the previous steps.

    Select Create.

    Allow Incoming Connections from the Local Network using Firewall Rules:

    Go to the VPC Network in the Google Cloud Platform Console.

    Under the left menu go to Firewall Rules.


    Select Create Firewall Rule and fill in the following information:

    Name

    Logs

    Network

    Priority

    The direction of traffic should be Ingress

    Action on match: allow

    Target tags: optional

    Source filter: IP Ranges

    Source IP ranges:

    Second source filter: none

    Allowed protocols or ports: all

    Select Create:

    IKE Version: V2

    IKE Lifetime: 8h

    Tunnel Lifetime: 1h

    Dead Peer Detection Delay: 10s

    Dead Peer Detection Timeout: 30s

    Encryption (Phase 1): aes256

    Encryption (Phase 2): aes256

    Integrity (Phase 1): sha1

    Integrity (Phase 2): sha1

    Diffie-Hellman Groups (Phase 1): 2

    Diffie-Hellman Groups (Phase 2): 2
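
An added example, not part of the answers in this thread: the sketch below places fictitious addresses into the fields listed in the answer above and rejects plans that cannot work (private peer IPs, overlapping subnets). All addresses are constructed, `build_plan` and `is_rfc1918` are hypothetical helper names, and the peer-side mapping assumes "Public IP" and "Specified Subnets" refer to the Google side; IPv4 only.

```python
import ipaddress

# Explicit list: ipaddress.is_private also flags the RFC 5737 documentation ranges used below.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(value):
    """True if an IPv4 address or network lies wholly inside RFC 1918 space."""
    net = ipaddress.ip_network(value)  # raises ValueError if host bits are set
    return any(net.subnet_of(r) for r in RFC1918)

def build_plan(gcp_gateway_ip, onprem_wan_ip, gcp_subnet, onprem_subnet):
    """Validate four IPv4 values and map them onto the fields named in the answer."""
    problems = []
    for label, ip in (("GCP gateway IP", gcp_gateway_ip), ("on-prem WAN IP", onprem_wan_ip)):
        if is_rfc1918(ip):
            problems.append(f"{label} {ip} is private, so the other peer cannot reach it")
    if gcp_gateway_ip == onprem_wan_ip:
        problems.append("both peers were given the same public IP")
    gcp_net, onprem_net = ipaddress.ip_network(gcp_subnet), ipaddress.ip_network(onprem_subnet)
    if gcp_net.overlaps(onprem_net):
        problems.append(f"{gcp_net} overlaps {onprem_net}, so tunnel routes would be ambiguous")
    if problems:
        raise ValueError("; ".join(problems))
    return {
        "Google Cloud side": {
            "VPN gateway: IP Address": gcp_gateway_ip,
            "Tunnel: Remote peer IP Address": onprem_wan_ip,
            "Tunnel: Remote network IP ranges": str(onprem_net),
            "Route: Destination network IP range": str(onprem_net),
            "Firewall rule: Source IP ranges": str(onprem_net),
        },
        "Peer (on-premises) side": {
            "Public IP": gcp_gateway_ip,        # assumption: the remote (Google) gateway address
            "Specified Subnets": str(gcp_net),  # assumption: the remote (VPC) subnet
        },
    }

# Constructed sample values: documentation ranges (RFC 5737) stand in for public IPs.
EXAMPLE = build_plan(
    gcp_gateway_ip="198.51.100.20",   # static external IP reserved for the Cloud VPN gateway
    onprem_wan_ip="203.0.113.10",     # WAN address of the on-premises firewall
    gcp_subnet="10.128.0.0/20",       # VPC subnet that on-prem hosts need to reach
    onprem_subnet="192.168.10.0/24",  # LAN behind the on-premises firewall
)

if __name__ == "__main__":
    for side, fields in EXAMPLE.items():
        print(side)
        for field, value in fields.items():
            print(f"  {field}: {value}")
```

Each side names the other side's public IP as its peer and the other side's private subnet as the remote range; the same pre-shared key and proposal values go on both ends.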

  • Corey716 Newbie ✭

    I repeat. If someone could provide an example using fictitious IP addresses, that would be extremely helpful.
