Hybrid Cloud VPN Implementation
Part of my work at Carousell
Abstract: Established a secure and reliable Cloud VPN connection between a GCP Virtual Private Cloud (VPC) and a partner's on-premises datacenter.
The Challenge
A business requirement emerged to establish a secure communication channel between our cloud-native services running on Google Cloud Platform (GCP) and services hosted in a partner's physical, on-premises datacenter. This required a solution that was secure, reliable, and compliant with both parties' security policies.
The Project
I was tasked with the end-to-end discovery and implementation of a hybrid networking solution. The project followed these key phases:
- Discovery & Planning: I initiated discussions with the partner's networking team to align on technical requirements, including IPsec protocols, IKE versions, and routing policies.
- Implementation on GCP: I configured and deployed a GCP Cloud VPN gateway within our Virtual Private Cloud (VPC). This included setting up the VPN tunnels, configuring BGP sessions for dynamic route exchange, and adjusting firewall rules to tightly control the traffic allowed over the tunnel.
- Testing & Validation: In collaboration with the partner, I conducted a series of tests to validate the connection's stability, performance, and security, ensuring that traffic was flowing correctly and securely between the two environments.
This project successfully bridged our cloud and the on-premises environment, enabling critical business workflows while adhering to strict security standards.