0

I have a GCP Classic VPN (Profile based routing) to an onsite end point. The tunnel is established and I can see that the appropriate routes are added to both GCP and the onsite router.

I have created Ingress and Egress Firewall rules at both ends w/ logging enabled and the GCP Connectivity Tests show that a packet from the default GCP network would reach the destination onsite LAN address.

Packet could be forwarded

Configuration analysis determines that the packet could be forwarded to VPN gateway (-)

I have a test App Script that attempts a URLFetch from an onsite server. I believe the GAS project is correctly associated with the GCP running the VPN connection but whenever I run the GAS project it fails with a "Bad Request" and no traffic is logged as being transferred over the tunnel.

Any ideas what I am missing?

TIA.

John
  • 1
  • I've booted a VM on the same GCP project and from that VM I can Ping both ways. This points to something I haven't configured correctly for the Apps Script (or it's not possible w/ Apps Script), any ideas? – John Feb 24 '21 at 13:48
  • Hi, Google Workspace is a different environment that Google Cloud Platform and the GW are not running on GCP. Thus you their access cannot be restricted with the GCP Firewall. I think you the [App Scrips documentation page regarding authorization](https://developers.google.com/apps-script/guides/services/authorization) to check how to manage access private data. – llompalles Mar 01 '21 at 11:25

0 Answers0