What is the best way to connect 2 GCP VPCs (that reside in different organizations) in order to access resources protected by service control, Cloud SQL, etc. with private IPs?
I got it working by creating a Classic VPN between the 2 networks with static routes, but then I noticed that it is going to be deprecated (Documentation), so I checked the high availability VPN, and I can only choose projects I have access to and not the project from the other organization that I need to connect to.
I assume that I can implement a VPN gateway on a VM and then use Classic VPN to connect to it, but I wonder if there is a better way to do it.
Google Cloud VPC Network Peering is preferred for connectivity across two Virtual Private Cloud (VPC) networks in different organisations.
But each side of a peering association is set up independently, and the role of Compute Network Admin (roles/compute.networkAdmin) is required for creating VPC Network Peering. If this doesn't suit the set-up you're working with, you can use Classic VPN tunnels with VPN gateways that do not support BGP routing, as it is still supported by GCP.
If the traffic is low and infrequent, you can use point-to-site VPN with a VPN client (for example, OpenVPN or Viscosity) and VMware.
For further reading please follow the links below:
[1] for instructions on setting up VPC Peering
[2] for instructions on creating point-to-site gateways
[3] for instructions on how to connect to GCP VPN using point-to-site VPN approach.
[1] https://cloud.google.com/vpc/docs/using-vpc-peering
[2] https://cloud.google.com/vmware-engine/docs/concepts-vpn-gateways
[3] https://cloud.google.com/vmware-engine/docs/networking/howto-vpn-connect
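
The peering procedure the answer describes, as an added example that is not part of the original answer: because each organisation creates its own half, the script only prints the commands each side's Compute Network Admin runs with their own credentials. All project, network and peering names are hypothetical placeholders.

```shell
#!/usr/bin/env bash
# Added example: runbook for a cross-organisation VPC Network Peering.
# Every project, network and peering name below is a hypothetical placeholder.

# Command that ONE side's administrator runs inside their own project.
# Args: peering-name local-project local-network peer-project peer-network
peering_create_cmd() {
  printf 'gcloud compute networks peerings create %s' "$1"
  printf ' --project=%s --network=%s' "$2" "$3"
  printf ' --peer-project=%s --peer-network=%s\n' "$4" "$5"
}

# Command listing who holds the role the answer says is required.
# Arg: project id
network_admins_cmd() {
  printf 'gcloud projects get-iam-policy %s' "$1"
  printf ' --flatten="bindings[].members"'
  printf ' --filter="bindings.role:roles/compute.networkAdmin"'
  printf ' --format="value(bindings.members)"\n'
}

# Traffic flows only once BOTH halves exist; each side then reports ACTIVE.
# Args: state reported on side A, state reported on side B
peering_ready() {
  [ "$1" = "ACTIVE" ] && [ "$2" = "ACTIVE" ]
}

# Print the half of the procedure that belongs to one organisation:
# review role holders, create the local half, then check its state.
# Args: same as peering_create_cmd
side_runbook() {
  echo "# run in $2 as a member holding roles/compute.networkAdmin"
  network_admins_cmd "$2"
  peering_create_cmd "$1" "$2" "$3" "$4" "$5"
  printf 'gcloud compute networks peerings list --project=%s --network=%s\n' \
    "$2" "$3"
}

# The two halves mirror each other: local and peer arguments are swapped.
side_runbook a-to-b org-a-project vpc-a org-b-project vpc-b
side_runbook b-to-a org-b-project vpc-b org-a-project vpc-a
```

Until the second organisation has created its half, the first side's peering is listed as INACTIVE.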