How to create the Google Cloud VPN Tunnel to connect subnetworks?

Zeynep Sanliturk
3 min readNov 17, 2018

I will show you how to connect two networks in your different Google Cloud projects. So I will create a VPN tunnel to connect Subnetwork A(10.52.0.0/16) to with Subnetwork B(10.60.1.0/24) as encrypted.

Click VPN under the Hybrid Connectivity from the left menu bar in Google Cloud Platform Networking section.

Firstly I am gonna create Google Compute Engine VPN gateway for project-A.

Set name section to “project-B-to-project-A” according to your current project, network, and region info. Define the static IP address for the gateway. Then Click the IP address bar and create IP address, note down this IP address. It is necessary when you are creating VPN for project B.

Now I will perform the same step for project B in a new tab and do not close both of it.

I will now go back to the VPN Tunnel creation process for project-A. I already completed the ‘Google Compute Engine VPN gateway’ step so I will continue to the next ‘Tunnels’ section as shown below.

I assigned the name value for project-B in the name field, so it is ‘project-A-to-project-B’.

In the Remote peer IP address section, I paste the static IP address that we created in project B(35.120.134.230). In the shared secret section, I generate a password with generate button and take a note of this password somewhere(For example: PZB88hQ2ek9nL6PWP9wwWqHRL6C5dDKs).

I choose policy based routing options in routing options because I want to specify remote network IP ranges and local subnets.

I enter the IP range of project B in the remote network IP ranges. Processes for project A are now complete.

Create and back to the Tunnels section of project B.

Here I enter the name as “project-B-to-project-A”. I paste the static IP address that we created in project-A to “Remote peer IP address” section. I enter the same secret value that we noted in the “Shared Secret” section.

I set the IP range of project-A to remote network IP ranges and I enter the range of project-B in Local IP ranges. It’s like the opposite of the project-A.

The status values of both VPN Tunnels must be established to ensure that the connection is ok as follows.

Fully encrypted and secure communication network is ready for our projects that speaks to each other.

--

--