如何将 Compute Engine 实例连接到 Private VPN
[英]How to connect Compute Engine Instance to Private VPN
问题描述
I'm trying to use nmcli to configure a VPN in a remote machine.
我正在尝试使用 nmcli 在远程机器上配置 VPN。
The issue is that networking interfaces are google managed.问题是网络接口是由谷歌管理的。
I've created a VPN connection with sudo nmcli connection add type vpn vpn-type openvpn ifname test-vpn vpn.data "ca = /home/myuser/ca.vpn.cer, connection-type = password, password-flags = 2, port = 443, proto-tcp = yes, remote = vpn.mycompany.com, username = myuser@company.com"我已经使用sudo nmcli connection add type vpn vpn-type openvpn ifname test-vpn vpn.data "ca = /home/myuser/ca.vpn.cer, connection-type = password, password-flags = 2, port = 443, proto-tcp = yes, remote = vpn.mycompany.com, username = myuser@company.com"创建了一个 VPN 连接sudo nmcli connection add type vpn vpn-type openvpn ifname test-vpn vpn.data "ca = /home/myuser/ca.vpn.cer, connection-type = password, password-flags = 2, port = 443, proto-tcp = yes, remote = vpn.mycompany.com, username = myuser@company.com"
But when I try echo "vpn.secrets.password:mypass" > pass.txt; sudo nmcli connection up vpn-mangel-vpnt passwd-file pass.txt但是当我尝试echo "vpn.secrets.password:mypass" > pass.txt; sudo nmcli connection up vpn-mangel-vpnt passwd-file pass.txt echo "vpn.secrets.password:mypass" > pass.txt; sudo nmcli connection up vpn-mangel-vpnt passwd-file pass.txt it raise Error: Connection activation failed: Could not find source connection. echo "vpn.secrets.password:mypass" > pass.txt; sudo nmcli connection up vpn-mangel-vpnt passwd-file pass.txt它引发Error: Connection activation failed: Could not find source connection.
I've tried to change /etc/NetworkManager/NetworkManager.conf to set ifupdown manage to true:我尝试更改/etc/NetworkManager/NetworkManager.conf以将 ifupdown manage 设置为 true:
And adding those lines in /etc/network/interfaces并在/etc/network/interfaces添加这些行
With that, the VPN connects (Wrong pass fails) but the VPN is not connected to machine network这样,VPN 连接(错误传递失败)但 VPN 未连接到机器网络
After many attemps and error, deleting new interfaces that are dynamically created I finally got the vpn connected, and removing folders from run/interfaces I successfully connected to vpn and could check it with a ping.经过多次尝试和错误,删除动态创建的新接口后,我终于连接了 vpn,并从成功连接到 vpn 的run/interfaces删除了文件夹,并可以使用 ping 进行检查。 Some minutes later o lost the ssh connection.几分钟后 o 失去了 ssh 连接。 I've restarted the machine, but if I connect to the VPN lose the ssh connection.我已经重新启动了机器,但是如果我连接到 VPN 会丢失 ssh 连接。 And I can't replicate in a new instance.而且我无法在新实例中复制。
I don't have much idea about VPNs and Interfaces so could someone guide me in what look for?我对 VPN 和接口不太了解,所以有人可以指导我寻找什么吗?
1 个解决方案
解决方案1
0 2021-11-04 20:08:11
Google Cloud Virtual Private Cloud (VPC) networks are by default isolated private networking domains.默认情况下,Google Cloud Virtual Private Cloud (VPC) 网络是隔离的私有网络域。 Networks have a global scope and contain regional subnets.网络具有全球范围并包含区域子网。 VM instances within a VPC network can communicate among themselves using internal IP addresses as long as firewall rules permit.只要防火墙规则允许,VPC 网络中的虚拟机实例就可以使用内部 IP 地址在它们之间进行通信。 However, no internal IP address communication is allowed between networks, unless you set up mechanisms such as VPC Network Peering or Cloud VPN .但是,网络之间不允许进行内部 IP 地址通信,除非您设置了VPC 网络对等互连或Cloud VPN等机制。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.