1

I have an app running on Google App Engine. My app should use a SOAP web-service that exposed via IPSEC tunnel.

How can I establish this connection without any proxy in the middle?

noamcohen97
  • 453
  • 3
  • 13
  • I am curious to know how you eventually solved this problem. Did you set up a Compute Engine VPN as suggested by DT Rush? Of found another kind of "proxy"? I could not find any quick "plug-and-play" service to do this. – Louis LC Aug 05 '15 at 20:43

1 Answers1

3

Short answer: You can't, not on App Engine, although there are other Cloud Platform services parallel to App Engine that can easily be used. I'll explain why:

IPSEC operates at such a low level of the protocol stack that to expect to have that kind of granularity in a PaaS is a tall order, although not impossible. You could always make a feature request for some kind of language-runtime-level interface or config file for defining IPSEC connections & rules. You'd do that in the public issue tracker.

...Nonetheless I think App Engine and PaaS just doesn't allow the granularity you'll need if you're wanting to develop at that layer.

Compute Engine is IaaS that can be used to deploy a network of machines that can be accessed directly via IPSEC as a VPN gateway, with no proxy needed. It uses IKE v1 and v2.

If you wanted to use a proxy, compute engine can also of course be directed to establish connections with that proxy, as any other box could.

So you can see that the answer to how you should deploy depends on what you want to accomplish.

DT Rush
  • 171
  • 1
  • 10
  • The VPN feature in google compue engine is currently on alpha. Is there somthing more stable that can be used? – noamcohen97 Mar 01 '15 at 08:03
  • You could always deploy your own network, define the IPSEC connections and provision the resources? Something more stable than alpha would be beta? I'm not sure what you're expecting as an answer. It was already a not great question for stack since it's not programming-related (maybe server fault?), and tends to attract opinionated answers. – DT Rush Mar 01 '15 at 19:10
  • 1
    BTW Cloud VPN just went Beta, so it seems well on track to stability :) – DT Rush Mar 12 '15 at 14:44
  • Just updating because I saw a post about it and felt you might be interested – DT Rush Mar 12 '15 at 14:44