Build a VPN from a WatchGuard to Google Cloud Platform
Configure VPN in Google Cloud Platform
Google Compute Engine-VPN-Gateway
It’s easy to create a site-to-site VPN to a WatchGuard. All you need is:
- Name for the Gateway
- a local network
- the region
- and a static IP
You can create one or more tunnels per gateway.
The following information is required:
- Remote IP (IP Address of the WAN interface)
- IKE Version (since Fireware 11.11.2, WatchGuard supports IKEv2)
- Shared Secret
- Remote network (e.g. 192.168.0.0/24)
- Local network (choose one of your GCE networks, e.g. 10.132.0.0/20)
Well done, we’ve created the VPN at the first site. Time to configure the WatchGuard.
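A pre-flight check for the tunnel values listed above, as an added example that is not part of the original post: it validates the remote IP, IKE version, shared secret and the two networks before they are entered on either side. The function names, the 32-character minimum for the shared secret and the sample peer address are assumptions made for illustration.

```python
import ipaddress
import secrets

MIN_PSK_LEN = 32  # assumption for this example, not a value from the page


def generate_psk(nbytes: int = 24) -> str:
    """Return a random shared secret (24 random bytes -> 32 URL-safe chars)."""
    return secrets.token_urlsafe(nbytes)


def check_tunnel(remote_ip, ike_version, shared_secret, remote_net, local_net):
    """Return a list of problems found in the tunnel parameters (empty = OK)."""
    problems = []
    try:
        peer = ipaddress.ip_address(remote_ip)
        # The remote IP is the WAN interface, so it must be publicly routable.
        if not peer.is_global:
            problems.append(f"remote IP {peer} is not a public address")
    except ValueError:
        problems.append(f"remote IP {remote_ip!r} is not a valid IP address")

    if ike_version not in (1, 2):
        problems.append(f"IKE version must be 1 or 2, got {ike_version!r}")

    if len(shared_secret) < MIN_PSK_LEN:
        problems.append(f"shared secret is shorter than {MIN_PSK_LEN} characters")

    nets = {}
    for label, cidr in (("remote", remote_net), ("local", local_net)):
        try:
            # strict=True rejects host bits, e.g. 192.168.0.1/24
            nets[label] = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{label} network {cidr!r} is invalid: {exc}")
    # Overlapping networks make routing through the tunnel ambiguous.
    if len(nets) == 2 and nets["remote"].overlaps(nets["local"]):
        problems.append("remote and local networks overlap")
    return problems


if __name__ == "__main__":
    # Constructed sample values; 8.8.8.8 stands in for the WatchGuard WAN IP.
    for p in check_tunnel("8.8.8.8", 2, generate_psk(),
                          "192.168.0.0/24", "10.132.0.0/20"):
        print("PROBLEM:", p)
```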
Configure the WatchGuard
You can use the web interface or the WatchGuard System Manager to configure a Branch Office VPN. I prefer the System Manager, so we start with that.
WatchGuard System Manager
You can download the latest version from watchguard.com.
Branch Office Gateway
Open the Policy Manager and create a Branch Office Gateway.
What you need:
- Local Gateway IP Address
- Remote Gateway IP
- Gateway ID for tunnel authentication (this is the remote IP)
For further information about the supported IKE ciphers, please see the Google Compute Engine documentation.