{"id":501,"date":"2018-10-08T22:02:00","date_gmt":"2018-10-08T13:02:00","guid":{"rendered":"https:\/\/wp.zassoul.com\/?p=501"},"modified":"2018-10-08T22:02:00","modified_gmt":"2018-10-08T13:02:00","slug":"gcp%e3%81%a8vpn%e6%8e%a5%e7%b6%9a%e3%81%99%e3%82%8b%ef%bd%9e%e3%81%9d%e3%81%ae2%ef%bd%9e","status":"publish","type":"post","link":"https:\/\/wp.zassoul.com\/?p=501","title":{"rendered":"GCP\u3068VPN\u63a5\u7d9a\u3059\u308b\uff5e\u305d\u306e2\uff5e"},"content":{"rendered":"<p>GCP\u3068\u306eVPN\u63a5\u7d9a\u3067, <a href=\"https:\/\/zassoul.blogspot.com\/2018\/10\/gcpvpn.html\" target=\"_blank\" rel=\"noopener noreferrer\">\u30dd\u30ea\u30b7\u30fc\u30d9\u30fc\u30b9<\/a>\u3067\u306f\u306a\u304f\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u30d9\u30fc\u30b9\u3067\u3084\u3063\u3066\u307f\u308b\u3002<\/p>\n<p>\u69cb\u6210\u306f\u524d\u56de\u3068\u307b\u307c\u5909\u308f\u3089\u305a\u3002<br \/>\u30af\u30e9\u30a6\u30c9\u30eb\u30fc\u30bf\u3068\u306e\u9593\u306e\u30bb\u30b0\u30e1\u30f3\u30c8\u304c\u5897\u3048\u305f\u611f\u3058\u3002<\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/4.bp.blogspot.com\/-bQ2W_iqLs0c\/W7tFiVokrxI\/AAAAAAAAAZQ\/dpO3iEFT1wAaJq08iVoEaZUwcT36PQOBACLcBGAs\/s1600\/GCP_figure_BGP.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"573\" data-original-width=\"1227\" height=\"149\" src=\"https:\/\/4.bp.blogspot.com\/-bQ2W_iqLs0c\/W7tFiVokrxI\/AAAAAAAAAZQ\/dpO3iEFT1wAaJq08iVoEaZUwcT36PQOBACLcBGAs\/s320\/GCP_figure_BGP.png\" width=\"320\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">GCP\u5074\u306bBGP\u30eb\u30fc\u30bf\u304c\u3067\u304d, \u305d\u308c\u3068\u306e\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u8a2d\u5b9a\u304c\u8ffd\u52a0\u3068\u306a\u308b<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>\u524d\u63d0\u6761\u4ef6(<a href=\"https:\/\/zassoul.blogspot.com\/2018\/10\/gcpvpn.html\" target=\"_blank\" rel=\"noopener noreferrer\">\u30dd\u30ea\u30b7\u30fc\u30d9\u30fc\u30b9<\/a>\u306e\u524d\u63d0\u3092\u5927\u4f53\u5f15\u304d\u7d99\u3050)<\/h3>\n<p><\/p>\n<ul>\n<li>GCP\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u8a2d\u5b9a\u6e08\u307f<\/li>\n<li>(VPC\u4f5c\u6210\u6e08\u307f, VPC\u4f5c\u6210\u5f8c\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3082\u4f5c\u6210\u6e08\u307f)<\/li>\n<li>\u5bb6\u5074\u306eNAT\u8a2d\u5b9a\u6e08\u307f<\/li>\n<li>\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u30d9\u30fc\u30b9\u306a\u306e\u3067, VTI\u3092\u63a1\u7528<\/li>\n<\/ul>\n<h3>\u6d41\u308c<\/h3>\n<p>1. \u30af\u30e9\u30a6\u30c9\u30eb\u30fc\u30bf\u8a2d\u5b9a<br \/>2. VPN\u8a2d\u5b9a(Cisco)<\/p>\n<p><\/p>\n<h3>1. \u30af\u30e9\u30a6\u30c9\u30eb\u30fc\u30bf\u8a2d\u5b9a<\/h3>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/4.bp.blogspot.com\/-xisHZiiF-n0\/W7tDXM1puWI\/AAAAAAAAAYQ\/nLlINe3QUlIjhJCpK3MvUotPHry9oABqwCLcBGAs\/s1600\/GCP_VPN2_01.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"631\" data-original-width=\"231\" height=\"320\" src=\"https:\/\/4.bp.blogspot.com\/-xisHZiiF-n0\/W7tDXM1puWI\/AAAAAAAAAYQ\/nLlINe3QUlIjhJCpK3MvUotPHry9oABqwCLcBGAs\/s320\/GCP_VPN2_01.png\" width=\"117\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u30cd\u30c3\u30c8\u30ef\u30fc\u30ad\u30f3\u30b0\u304b\u3089\u300c\u30cf\u30a4\u30d6\u30ea\u30c3\u30c9\u63a5\u7d9a\u300d\u3092\u9078\u629e<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/1.bp.blogspot.com\/-0aek3uXKtIU\/W7tDXKvMWxI\/AAAAAAAAAYY\/4pBuWOzY36cC7ptpxREndvDDPC3topY2QCLcBGAs\/s1600\/GCP_VPN2_02.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"166\" data-original-width=\"329\" height=\"161\" src=\"https:\/\/1.bp.blogspot.com\/-0aek3uXKtIU\/W7tDXKvMWxI\/AAAAAAAAAYY\/4pBuWOzY36cC7ptpxREndvDDPC3topY2QCLcBGAs\/s320\/GCP_VPN2_02.png\" width=\"320\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u300c\u30eb\u30fc\u30bf\u30fc\u3092\u4f5c\u6210\u300d\u3092\u30af\u30ea\u30c3\u30af<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/4.bp.blogspot.com\/-cSCXckfNys0\/W7tDXIo7nYI\/AAAAAAAAAYU\/gfuJyXUWg1kaEu-u00TRK4rphBX2inU1QCLcBGAs\/s1600\/GCP_VPN2_03.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"485\" data-original-width=\"384\" height=\"320\" src=\"https:\/\/4.bp.blogspot.com\/-cSCXckfNys0\/W7tDXIo7nYI\/AAAAAAAAAYU\/gfuJyXUWg1kaEu-u00TRK4rphBX2inU1QCLcBGAs\/s320\/GCP_VPN2_03.png\" width=\"253\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u5fc5\u8981\u4e8b\u9805\u3092\u8a18\u5165\u3059\u308b\u3002<br \/>\u4eca\u56de, BGP\u306eAS No\u306fGCP\u5074\u306f64512\u3068\u3057\u305f\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<div style=\"clear: both; text-align: center;\"><a href=\"https:\/\/3.bp.blogspot.com\/-ihrBYaL2sP4\/W7tDXsRnP0I\/AAAAAAAAAYc\/L3_qvKfJ-4M5-dovhCsbHUVJQIJXBgjxwCLcBGAs\/s1600\/GCP_VPN2_04.png\" style=\"margin-left: 1em; margin-right: 1em;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"249\" data-original-width=\"991\" height=\"80\" src=\"https:\/\/3.bp.blogspot.com\/-ihrBYaL2sP4\/W7tDXsRnP0I\/AAAAAAAAAYc\/L3_qvKfJ-4M5-dovhCsbHUVJQIJXBgjxwCLcBGAs\/s320\/GCP_VPN2_04.png\" width=\"320\" \/><\/a><\/div>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/3.bp.blogspot.com\/-dTadgI6xXXk\/W7tDX1zTUjI\/AAAAAAAAAYg\/KGJvFZCjXzQVVUS5HXMM2G6BSRHouSoLQCLcBGAs\/s1600\/GCP_VPN2_05.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"434\" data-original-width=\"278\" height=\"320\" src=\"https:\/\/3.bp.blogspot.com\/-dTadgI6xXXk\/W7tDX1zTUjI\/AAAAAAAAAYg\/KGJvFZCjXzQVVUS5HXMM2G6BSRHouSoLQCLcBGAs\/s320\/GCP_VPN2_05.png\" width=\"204\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u30eb\u30fc\u30bf\u30fc\u4f5c\u6210\u5f8c, \u300cVPN\u30c8\u30f3\u30cd\u30eb\u3092\u8ffd\u52a0\u300d\u3059\u308b\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/3.bp.blogspot.com\/-M0y9PmGP15k\/W7tDX04G1MI\/AAAAAAAAAYk\/ibPFWZkCz-8WlK_qeXKjKAAbRl_UMP24QCLcBGAs\/s1600\/GCP_VPN2_06.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"574\" data-original-width=\"393\" height=\"320\" src=\"https:\/\/3.bp.blogspot.com\/-M0y9PmGP15k\/W7tDX04G1MI\/AAAAAAAAAYk\/ibPFWZkCz-8WlK_qeXKjKAAbRl_UMP24QCLcBGAs\/s320\/GCP_VPN2_06.png\" width=\"218\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u5404\u9805\u76ee\u3092\u8a18\u5165\u3057, BGP\u30bb\u30c3\u30b7\u30e7\u30f3\u306e\u7de8\u96c6\u30dc\u30bf\u30f3\u3092\u30af\u30ea\u30c3\u30af\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/4.bp.blogspot.com\/-HO0kz5GcYsA\/W7tDYHLsEvI\/AAAAAAAAAYo\/WeiZCQN5ygA4djiiU2uvj8sv3SamoZC9QCLcBGAs\/s1600\/GCP_VPN2_07.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"866\" data-original-width=\"372\" height=\"400\" src=\"https:\/\/4.bp.blogspot.com\/-HO0kz5GcYsA\/W7tDYHLsEvI\/AAAAAAAAAYo\/WeiZCQN5ygA4djiiU2uvj8sv3SamoZC9QCLcBGAs\/s400\/GCP_VPN2_07.png\" width=\"171\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u3053\u3053\u3067\u306f\u5bb6\u5074\u306eAS No\u309265000\u3068\u3057, \u30c8\u30f3\u30cd\u30eb\u9593\u306e\u30bb\u30b0\u30e1\u30f3\u30c8\u60c5\u5831\u3092\u8a18\u5165\u3059\u308b\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/1.bp.blogspot.com\/-Pyy6470kKaY\/W7tDYXOcSHI\/AAAAAAAAAYs\/Vs9FGigm36EkF7Cjvp6OV_QfQKtdNm_WgCLcBGAs\/s1600\/GCP_VPN2_08.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"471\" data-original-width=\"384\" height=\"320\" src=\"https:\/\/1.bp.blogspot.com\/-Pyy6470kKaY\/W7tDYXOcSHI\/AAAAAAAAAYs\/Vs9FGigm36EkF7Cjvp6OV_QfQKtdNm_WgCLcBGAs\/s320\/GCP_VPN2_08.png\" width=\"260\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u8a2d\u5b9a\u306e\u7d50\u679c\u3092\u78ba\u8a8d\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/4.bp.blogspot.com\/-Lg0KsoOTBkM\/W7tDYQisHRI\/AAAAAAAAAYw\/IloolLignxAu0xWK2gTEog-RedZiy4ksQCLcBGAs\/s1600\/GCP_VPN2_09.png\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"441\" data-original-width=\"326\" height=\"320\" src=\"https:\/\/4.bp.blogspot.com\/-Lg0KsoOTBkM\/W7tDYQisHRI\/AAAAAAAAAYw\/IloolLignxAu0xWK2gTEog-RedZiy4ksQCLcBGAs\/s320\/GCP_VPN2_09.png\" width=\"236\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">\u3053\u308c\u3067GCP\u5074\u306f\u5b8c\u4e86\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>2. VPN\u8a2d\u5b9a(Cisco)<\/h3>\n<p>VTI\u306b\u6e96\u3058\u305f\u8a2d\u5b9a\u3092\u5165\u308c\u3066\u3044\u304f\u3002<br \/><u>\u95a2\u9023Config\u629c\u7c8b<\/u><\/p>\n<pre>crypto ikev2 proposal GCP_proposal<br \/> encryption aes-cbc-256 aes-cbc-192 aes-cbc-128<br \/> integrity sha256<br \/> group 16<br \/>!<br \/>crypto ikev2 policy GCP_policy<br \/> proposal GCP_proposal<br \/>!<br \/>crypto ikev2 keyring GCP_Key<br \/> peer GCP<br \/>  address &lt;GCP\u306eIP\u30a2\u30c9\u30ec\u30b9&gt;<br \/>  pre-shared-key &lt;\u5171\u6709\u30ad\u30fc&gt;<br \/> !<br \/>!<br \/>!<br \/>crypto ikev2 profile IKEv2_Profile<br \/> match identity remote address &lt;GCP\u306eIP\u30a2\u30c9\u30ec\u30b9&gt; 255.255.255.255<br \/> identity local address &lt;\u5bb6\u306eGlobal IP&gt;<br \/> authentication remote pre-share<br \/> authentication local pre-share<br \/> keyring local GCP_Key<br \/> lifetime 3600<br \/>!<br \/>!<br \/>crypto ipsec transform-set TS esp-aes 256 esp-sha256-hmac<br \/> mode tunnel<br \/>!<br \/>crypto ipsec profile GCP_Profile<br \/> set transform-set TS<br \/> set pfs group16<br \/> set ikev2-profile IKEv2_Profile<br \/>!<br \/>crypto ipsec profile VTI<br \/> set transform-set TS<br \/> set pfs group16<br \/>!<br \/>interface Tunnel1<br \/> ip address 169.254.1.2 255.255.255.252<br \/> tunnel source Vlan100<br \/> tunnel mode ipsec ipv4<br \/> tunnel destination &lt;GCP\u306eIP\u30a2\u30c9\u30ec\u30b9&gt;<br \/> tunnel protection ipsec profile GCP_Profile<br \/>!<br \/><\/pre>\n<pre>!<br \/>router bgp 65000<br \/> bgp log-neighbor-changes<br \/> network 192.168.1.0<br \/> network 192.168.10.0<br \/> neighbor 169.254.1.1 remote-as 64512<br \/>!<br \/><\/pre>\n<div><\/div>\n<h3>\u901a\u4fe1\u78ba\u8a8d <\/h3>\n<pre>#ping 10.10.10.10 source 192.168.1.2<br \/>Type escape sequence to abort.<br \/>Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:<br \/>Packet sent with a source address of 192.168.1.2<br \/>!!!!!<br \/>Success rate is 100 percent (5\/5), round-trip min\/avg\/max = 160\/160\/160 ms<br \/><\/pre>\n<p><\/p>\n<h3>IPSec\u30b9\u30c6\u30fc\u30bf\u30b9<\/h3>\n<pre>#show crypto session<br \/>Crypto session current status<br \/><br \/>Interface: Tunnel1<br \/>Profile: IKEv2_Profile<br \/>Session status: UP-ACTIVE<br \/>Peer: 35.231.219.234 port 4500<br \/>  Session ID: 2209<br \/>  IKEv2 SA: local 192.168.1.2\/4500 remote 35.231.219.234\/4500 Active<br \/>  IPSEC FLOW: permit ip 0.0.0.0\/0.0.0.0 0.0.0.0\/0.0.0.0<br \/>        Active SAs: 2, origin: crypto map<br \/><\/pre>\n<p>\u7121\u4e8b\u63a5\u7d9a\u78ba\u8a8d\u5b8c\u4e86\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>GCP\u3068\u306eVPN\u63a5\u7d9a\u3067, \u30dd\u30ea\u30b7\u30fc\u30d9\u30fc\u30b9\u3067\u306f\u306a\u304f\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u30d9\u30fc\u30b9\u3067\u3084\u3063\u3066\u307f\u308b\u3002 \u69cb\u6210\u306f\u524d\u56de\u3068\u307b\u307c\u5909\u308f\u3089\u305a\u3002\u30af\u30e9\u30a6\u30c9\u30eb\u30fc\u30bf\u3068\u306e\u9593\u306e\u30bb\u30b0\u30e1\u30f3\u30c8\u304c\u5897\u3048\u305f\u611f\u3058\u3002 GCP\u5074\u306bBGP\u30eb\u30fc\u30bf\u304c\u3067\u304d, \u305d\u308c\u3068\u306e\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u8a2d\u5b9a\u304c\u8ffd\u52a0\u3068\u2026 <span class=\"read-more\"><a href=\"https:\/\/wp.zassoul.com\/?p=501\">\u7d9a\u304d\u3092\u8aad\u3080 &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,9,44],"tags":[],"class_list":["post-501","post","type-post","status-publish","format-standard","hentry","category-cisco","category-gcp","category-vpn"],"_links":{"self":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts\/501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=501"}],"version-history":[{"count":0,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts\/501\/revisions"}],"wp:attachment":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}