6

We have a VPN tunnel from the office to the Google Cloud. It's working correctly, we are able to hit VMs and containers (kubernetes).

The problem is that the SQL instance can't be accessed using this tunnel. You can jump through a VM instance but you can't connect directly. Apparently the problem is that the SQL instances are not directly connected to a VPC subnet. We tried forcing the route on the "Cloud Router" for the VPC but that didn't work. We tried adding an "allow-all" firewall rule for all the VPC range, it wasn't that either.

Any idea on how to reach the SQL instances through the VPN tunnel?

ModMed SysAdmin
  • 73
  • 1
  • 5

3 Answers3

3

As per the official documentation1:

You cannot access a Cloud SQL instance on its private IP addresses from another network using a Cloud VPN tunnel, instance based VPN, or Cloud Interconnect. This limit applies to both on-premises networks and other VPC networks.

There is a feature request to get this implemented2.

My suggestion is to use Cloud SQL Proxy3, so the on-prem communicates with the proxy with the standard database protocol used by your database and then the proxy uses a secure tunnel to communicate with its companion process running on the server.

This official documentationp4 may serve you well.

Community
  • 1
Lozano
  • 123
  • 2
2

Quite old question, but I might help. I have a VPN connected to GCP with BGP and I am able to talk with a SQL Cloud instance. https://cloud.google.com/sql/docs/postgres/configure-private-ip#vpn

This is the way.

It is definitely possible. Answering a really old thread because this is the first result that I was getting in Google and can be missleading

TanisDLJ
  • 121
  • 4
0

I think the best solution would be to configure the private IP within VPC here is the manual for SQLServer but it exists for all types of instances

  1. SQLserver https://cloud.google.com/sql/docs/sqlserver/configure-private-ip
  2. Mysql https://cloud.google.com/sql/docs/mysql/configure-private-ip#vpn

PD: here is the issue marked as solved

https://issuetracker.google.com/issues/124468301?pli=1

pcaceres
  • 129
  • 1
  • 5