Cloud VPN securely connects on-premises networks and other cloud providers to Google Cloud. IPsec-encrypted tunnels over the internet, easily set up in minutes.
What is Cloud VPN?
Cloud VPN creates encrypted IPsec tunnels between your data center and Google Cloud VPC. Traffic flows over the public internet but is end-to-end encrypted with IKEv2/IPsec.
HA VPN (High Availability) offers 99.99% SLA through redundant tunnels. If one tunnel fails, the other takes over automatically.
HA VPN vs. Classic VPN
| Criteria | HA VPN | Classic VPN |
|---|---|---|
| SLA | 99.99% | 99.9% |
| Redundancy | 2+ tunnels | 1 tunnel |
| Routing | BGP recommended | Static or BGP |
| Status | Active | Deprecated |
Recommendation: Always use HA VPN for production workloads.
Core Features
- IPsec IKEv2: Industry-standard encryption
- 99.99% SLA: With HA VPN and redundant tunnels
- BGP Routing: Dynamic routing with Cloud Router
- Multi-Cloud: Connection to AWS, Azure, and other clouds
- Quick Setup: VPN in minutes, not weeks
Typical Use Cases
Hybrid Cloud
Connect on-premises data centers with GCP. Workloads in GCP access legacy systems, on-premises applications use cloud services.
Multi-Cloud Connectivity
Cloud VPN connects GCP with AWS VPC or Azure VNet. Ideal for multi-cloud strategies or migration between clouds.
Branch Office Connection
Small locations without dedicated lines use Cloud VPN over internet. HA VPN with two ISPs for redundancy.
Disaster Recovery
Replicate data over VPN to GCP for DR. If the primary data center fails, GCP takes over.
Cloud VPN vs. Cloud Interconnect
| Criteria | Cloud VPN | Cloud Interconnect |
|---|---|---|
| Medium | Public internet | Dedicated line |
| Bandwidth | Up to ~10 Gbit/s | 10-200 Gbit/s |
| Latency | Variable | Constant, lower |
| Setup | Minutes | Weeks |
| Cost | Lower | Higher |
| Use Case | Small/medium workloads | Enterprise, critical apps |
Benefits
- Fast: VPN tunnels set up in minutes
- Affordable: From $0.05/hour, no hardware needed
- Secure: IPsec encryption standard
- Highly Available: 99.99% SLA with HA VPN
Integration with innFactory
As a Google Cloud Partner, innFactory supports you with Cloud VPN: hybrid architecture, HA VPN setup, BGP configuration, and network design for secure cloud connectivity.
Typical Use Cases
Technical Specifications
Frequently Asked Questions
What is Cloud VPN?
Cloud VPN establishes encrypted IPsec connections between your on-premises network and Google Cloud VPC. Traffic flows over the public internet but is encrypted with IPsec. For dedicated lines without internet, use Cloud Interconnect.
What is the difference between HA VPN and Classic VPN?
HA VPN offers 99.99% SLA through redundant tunnels over two interfaces. Classic VPN has only one tunnel with 99.9% SLA. For production workloads, we always recommend HA VPN. Classic VPN is deprecated.
How much bandwidth does Cloud VPN offer?
Each tunnel supports up to 3 Gbit/s. With HA VPN, you can use multiple tunnels in parallel and configure ECMP (Equal-Cost Multi-Path) for higher aggregate throughput. For more than 10 Gbit/s, we recommend Cloud Interconnect.
How much does Cloud VPN cost?
HA VPN gateways cost $0.05/hour. Each tunnel costs $0.025/hour. Plus egress costs for traffic to on-premises (from $0.085/GB, with discounts at high volume). Ingress is free.
When should I use Cloud VPN instead of Cloud Interconnect?
Cloud VPN is ideal for smaller bandwidths (up to ~10 Gbit/s), quick setup (minutes instead of weeks), and when variable traffic over internet is acceptable. Cloud Interconnect offers dedicated lines for higher bandwidths, lower latency, and guaranteed performance.
