Configure a Static Route to Reach Virtual Machines in the GCP VPC
With the setup example discussed in this document, there is no requirement to update or configure the on-prem subnet default gateway, core switch, or router with routing into the VPC. This allows the PoC setup to be deployed in an existing networking environment without requiring advance planning and changes. However, when you run a virtual machine in the cloud and wish to access it from on-prem using RDP (for Windows) or SSH (for Linux), you will need a client machine or a jump server configured with proper static routing to reach the VPC.
When working in a lab environment, where your own PC may not be on the same subnet as the VyOS VPN virtual appliance on vSphere, you may want to set up another virtual machine to serve as a jump server. You will then remote into that jump server from your PC and from there reach out to the VMs in the lab or in the cloud. In this case the static route to the VPC will be added on the jump server.
If your PC is on the same subnet as the VyOS VPN virtual appliance on vSphere, you may apply the static route on your PC directly to reach the cloud resources.
To configure the static route, you will need the GCP VPC CIDR configured in the Cloud Deployment section (e.g. 10.10.0.0/16), and the static IP of the VyOS virtual appliance on-prem (e.g. 192.168.10.10).
Note: The following example is for a Windows operating system. You may apply a similar approach on a Linux machine.
To configure a static route to reach Virtual Machines in the GCP VPC:
- On a Windows PC or virtual machine, open a CMD.EXE command line as an administrator and run the following command to create a persistent route. Replace the networking parameters with your specifics.
route add -p 10.10.0.0 mask 255.255.0.0 192.168.10.10
- Check the reachability of the VyOS VPN Gateway instance in GCP by pinging its private IP address (for example 10.10.X.X) as shown in the GCP Console.
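
The two steps above as one PowerShell script, an added example that is not part of the original guide: it derives the `route` mask from the VPC CIDR, refuses a malformed CIDR (which could otherwise install a much broader route through the appliance), and refuses to proceed if the prefix is already routed via a different next hop. It assumes Windows 8 / Server 2012 or later (for `Get-NetRoute`) and an elevated prompt; `ConvertTo-RouteArgs` and the variable names are hypothetical, and `$CloudPeer` is a placeholder you fill in from the GCP Console.

```powershell
# Added example. Sample values are the ones used on this page; replace with yours.
$VpcCidr   = '10.10.0.0/16'     # GCP VPC CIDR from the Cloud Deployment section
$Gateway   = '192.168.10.10'    # static IP of the on-prem VyOS appliance
$CloudPeer = ''                 # placeholder: private IP of the VyOS instance in GCP

function ConvertTo-RouteArgs {
    param([Parameter(Mandatory)][string]$Cidr)
    $network, $prefixText = $Cidr -split '/', 2
    # A missing or non-numeric prefix must not silently become /0 (a default route).
    if ($prefixText -notmatch '^\d{1,2}$' -or [int]$prefixText -gt 32) {
        throw "Expected a.b.c.d/nn, got '$Cidr'"
    }
    $prefix    = [int]$prefixText
    $netOctets = [System.Net.IPAddress]::Parse($network).GetAddressBytes()
    if ($netOctets.Count -ne 4) { throw "'$network' is not an IPv4 address" }
    # Mask octet i covers prefix bits 8*i .. 8*i+7.
    $maskOctets = foreach ($i in 0..3) {
        $bits = [Math]::Min(8, [Math]::Max(0, $prefix - 8 * $i))
        [int](256 - [Math]::Pow(2, 8 - $bits))
    }
    # route.exe rejects a destination that has host bits set under the mask.
    foreach ($i in 0..3) {
        if (($netOctets[$i] -band $maskOctets[$i]) -ne $netOctets[$i]) {
            throw "'$network' is not the network address of a /$prefix"
        }
    }
    [pscustomobject]@{ Network = $network; Mask = $maskOctets -join '.' }
}

$r = ConvertTo-RouteArgs -Cidr $VpcCidr      # 10.10.0.0/16 gives mask 255.255.0.0

# Do not overwrite or duplicate a route that already points somewhere else.
$existing = Get-NetRoute -DestinationPrefix $VpcCidr -ErrorAction SilentlyContinue
if ($existing -and ($existing.NextHop -notcontains $Gateway)) {
    throw "$VpcCidr is already routed via $($existing.NextHop -join ', '); review first"
}
if (-not $existing) {
    # Same command as in the step above.
    route.exe add -p $r.Network mask $r.Mask $Gateway
}

# Confirm the active route and its next hop, then test reachability.
Get-NetRoute -DestinationPrefix $VpcCidr |
    Format-Table DestinationPrefix, NextHop, InterfaceAlias
if ($CloudPeer) { Test-Connection -ComputerName $CloudPeer -Count 2 }
```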