
We have installed the OpenVPN software (from the marketplace) onto a VM.

We also have an IPSec tunnel set up within the platform on the same subnet range.

How can I get the OpenVPN Virtual Machine and its VPN clients to be able to talk over the IPSec tunnel?

Any advice much appreciated.

Ryan
  • Can you reach resources behind the IPsec tunnel from your VM with OpenVPN? – Serhii Rohoza Apr 09 '20 at 14:40
  • We have other VMs on the same Google Cloud subnet as the IPSec tunnel. From these VMs we can reach devices on the other end of the IPSec tunnel. So we just need to be able to route from the OpenVPN software/VM to the other side of the IPSec. I am not sure if it's because of the random IP OpenVPN allocates? – Ryan Apr 09 '20 at 15:26

1 Answer


Add a firewall rule to allow all traffic on port 1194 UDP (default): 0.0.0.0/0 for the Network Interface. You will need to add an external IP address for the clients to point to. Make sure the IP address is type Static and not Ephemeral or else it could change on you. I recommend pointing the clients to a DNS, i.e. (cloud.mydomain.com) instead of the static IP in case you ever need to create a new VM instance.

This is what we do without an IPsec tunnel, so maybe only allow traffic over your IPsec network instead of everything (0.0.0.0/0).

xinthose
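
The answer's closing point, narrowing the source range from 0.0.0.0/0, can be checked against rules that already exist. The following is an added example, not part of the original answer: it audits firewall rules in the JSON shape of `gcloud compute firewall-rules list --format=json` and reports the ones that leave UDP 1194 open to any source. The rule names and the 10.20.0.0/16 range in the sample are constructed.

```python
import ipaddress
import json

OPENVPN_PORT = 1194  # default OpenVPN UDP port named in the answer

# Constructed sample in the shape of `gcloud compute firewall-rules list --format=json`.
# Rule names and the 10.20.0.0/16 range are made up for this example.
SAMPLE_RULES = json.loads("""
[
  {"name": "openvpn-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "allowed": [{"IPProtocol": "udp", "ports": ["1194"]}]},
  {"name": "openvpn-scoped", "direction": "INGRESS", "sourceRanges": ["10.20.0.0/16"],
   "allowed": [{"IPProtocol": "udp", "ports": ["1194"]}]},
  {"name": "wide-udp-range", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "allowed": [{"IPProtocol": "udp", "ports": ["1000-2000"]}]},
  {"name": "allow-all-disabled", "direction": "INGRESS", "disabled": true,
   "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "all"}]},
  {"name": "https-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]}
]
""")

def covers_port(entry, port, proto="udp"):
    """True if one `allowed` entry permits proto/port."""
    if entry.get("IPProtocol", "").lower() not in (proto, "all"):
        return False
    ports = entry.get("ports")
    if not ports:  # no port list means every port of that protocol
        return True
    for spec in ports:
        low, _, high = spec.partition("-")  # "1194" or "1000-2000"
        if int(low) <= port <= int(high or low):
            return True
    return False

def is_world_open(cidr):
    """True for a range that matches every address (prefix length 0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def world_open_openvpn_rules(rules, port=OPENVPN_PORT):
    """Names of enabled ingress rules that expose the OpenVPN port to any source."""
    hits = []
    for rule in rules:
        if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
            continue
        if not any(is_world_open(c) for c in rule.get("sourceRanges", [])):
            continue
        if any(covers_port(a, port) for a in rule.get("allowed", [])):
            hits.append(rule["name"])
    return hits

if __name__ == "__main__":
    print(world_open_openvpn_rules(SAMPLE_RULES))
```

A port range such as `1000-2000` exposes 1194 just as a dedicated rule does, which is why the check parses ranges rather than comparing port strings.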