{"id":135028,"date":"2024-01-31T14:27:35","date_gmt":"2024-01-31T13:27:35","guid":{"rendered":"https:\/\/fotc.com\/?p=135028"},"modified":"2024-01-31T14:27:37","modified_gmt":"2024-01-31T13:27:37","slug":"conectivitate-hibrida-google-cloud-vpn","status":"publish","type":"post","link":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/","title":{"rendered":"Op\u021biuni de conectivitate hibrid\u0103 \u00een Google Cloud: Cloud VPN"},"content":{"rendered":"\n<p>Mediile cloud hibride sunt o solu\u021bie pentru companiile care doresc s\u0103 \u00ee\u0219i modernizeze infrastructura IT f\u0103r\u0103 a risca securitatea \u0219i fiabilitatea sistemelor lor existente. Google Cloud ofer\u0103 o suit\u0103 cuprinz\u0103toare de solu\u021bii de conectivitate hibrid\u0103. Acestea r\u0103spund nevoilor diverse ale companiilor, variind de la op\u021biuni VPN cu costuri reduse p\u00e2n\u0103 la interconect\u0103ri dedicate. Sunt solu\u021bii care permit comunicarea sigur\u0103 \u0219i eficient\u0103 \u00eentre aplica\u021biile locale, centrele de date \u0219i resursele Google Cloud.<\/p>\n\n\n\n<h2 id=\"h-op-iunile-google-cloud-pentru-conectivitate-hibrid\">Op\u021biunile Google Cloud pentru conectivitate hibrid\u0103<\/h2>\n\n\n\n<p>\u00cen <a href=\"https:\/\/fotc.com\/ro\/google-cloud-platform\/\" class=\"ek-link\">Google Cloud<\/a> avem urm\u0103toarele cinci op\u021biuni pentru conectivitate hibrid\u0103:<\/p>\n\n\n\n<ul><li><a href=\"https:\/\/cloud.google.com\/network-connectivity\/docs\/interconnect\/concepts\/dedicated-overview\"><strong>Dedicated Interconnect<\/strong><\/a><strong> (Interconectare dedicat\u0103)<\/strong><\/li><li><a href=\"https:\/\/cloud.google.com\/network-connectivity\/docs\/interconnect\/concepts\/partner-overview\"><strong>Partner Interconnect<\/strong><\/a><strong> (Interconectare prin furnizor)<\/strong><\/li><li><a href=\"https:\/\/cloud.google.com\/network-connectivity\/docs\/interconnect\/concepts\/cci-overview\"><strong>Cross-Cloud Interconnect<\/strong><\/a><strong> (Interconectare Cross-Cloud)<\/strong><\/li><li><a href=\"https:\/\/cloud.google.com\/network-connectivity\/docs\/direct-peering\"><strong>Peering cu Google<\/strong><\/a><strong> (Peering direct)<\/strong><\/li><li><a href=\"https:\/\/cloud.google.com\/network-connectivity\/docs\/vpn\/concepts\/overview\"><strong>Cloud VPN<\/strong><\/a><\/li><\/ul>\n\n\n\n<p>\u00cen acest articol voi prezenta pe scurt toate cele cinci op\u021biuni. \u00cen cele din urm\u0103, ne vom concentra aten\u021bia pe Cloud VPN. S\u0103 arunc\u0103m o privire la diagrama de mai jos pentru a \u00een\u021belege mai bine c\u00e2nd s\u0103 folosi\u021bi fiecare op\u021biune:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"has-text-align-center\"><img width=\"794\" height=\"739\" src=\"https:\/\/lh7-eu.googleusercontent.com\/apKgc7YyfTpEFKOQfYJJwxnWiivJdVzuq6LqW2-em45swsNRxbA8BIMmxW3ONHFIhej0SHmA3bE8PC1je89DzoC5MiV1nDh5sH5SDBCiDJYlID_NupetcJlYz57Nfz2w2L9FQVf_oO9mxs8H59bZV64\"><\/h2>\n\n\n\n<h2 id=\"h-dedicated-interconnect-interconectarea-dedicat\">Dedicated Interconnect (Interconectarea dedicat\u0103)<\/h2>\n\n\n\n<p>Interconectarea dedicat\u0103 ofer\u0103 conexiuni fizice directe \u00eentre re\u021beaua local\u0103 \u0219i re\u021beaua Google. Aceast\u0103 op\u021biune permite s\u0103 transfera\u021bi cantit\u0103\u021bi mari de date \u00eentre re\u021bele, ceea ce poate fi mai rentabil dec\u00e2t achizi\u021bionarea de l\u0103\u021bime de band\u0103 suplimentar\u0103 prin internetul public<strong>.<\/strong><\/p>\n\n\n\n<h3><strong>Cum func\u021bioneaz\u0103 interconectarea dedicat\u0103?<\/strong><\/h3>\n\n\n\n<p>Pentru interconectarea dedicat\u0103, furniza\u021bi o conexiune de interconectare dedicat\u0103 \u00eentre re\u021beaua Google \u0219i propria dvs. re\u021bea. Urm\u0103torul exemplu de diagram\u0103 arat\u0103 o singur\u0103 conexiune de interconectare dedicat\u0103 \u00eentre o re\u021bea Virtual Private Cloud (VPC) \u0219i o re\u021bea local\u0103.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img width=\"1024\" height=\"536\" src=\"https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-1024x536.png\" alt=\"\" class=\"wp-image-135043\" srcset=\"https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-1024x536.png 1024w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-300x157.png 300w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-768x402.png 768w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-123x64.png 123w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-142x74.png 142w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-335x175.png 335w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-539x282.png 539w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-920x481.png 920w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-350x183.png 350w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata-26x14.png 26w, https:\/\/fotc.com\/app\/uploads\/2024\/01\/interconectarea-dedicata.png 1061w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n\n<h2>Peering cu Google (Peering direct)<\/h2>\n\n\n\n<p><strong>Peering-ul direct<\/strong> v\u0103 permite s\u0103 stabili\u021bi o conexiune de peering direct\u0103 \u00eentre re\u021beaua dvs. de afaceri \u0219i re\u021beaua edge Google \u0219i s\u0103 face\u021bi schimb de trafic cloud de mari dimensiuni.<\/p>\n\n\n\n<p>Aceast\u0103 capacitate este disponibil\u0103 \u00een oricare dintre cele peste 100 de loca\u021bii din 33 de \u021b\u0103ri din \u00eentreaga lume. Pentru mai multe informa\u021bii despre loca\u021biile de margine ale Google, consulta\u021bi site-ul de peering Google.<\/p>\n\n\n\n<p>C\u00e2nd este stabilit, peering-ul direct ofer\u0103 o cale direct\u0103 de la re\u021beaua dvs. local\u0103 la serviciile Google, inclusiv produsele Google Cloud care pot fi expuse prin una sau mai multe adrese IP publice. Traficul din re\u021beaua Google c\u0103tre re\u021beaua dvs. local\u0103 urmeaz\u0103, de asemenea, aceast\u0103 cale direct\u0103, inclusiv traficul din re\u021belele VPC din proiectele dvs.<\/p>\n\n\n\n<p>Peeringul direct exist\u0103 \u00een afara Google Cloud. Cu excep\u021bia cazului \u00een care trebuie s\u0103 accesa\u021bi aplica\u021biile <a href=\"https:\/\/fotc.com\/ro\/google-workspace\/\" class=\"ek-link\">Google Workspace<\/a>, metodele recomandate de acces la Google Cloud sunt Interconectare prin furnizor sau Interconectare dedicat\u0103.<\/p>\n\n\n\n<h2>Cloud VPN<\/h2>\n\n\n\n<p><strong>Cloud VPN<\/strong> este un serviciu regional care v\u0103 va conecta \u00een siguran\u021b\u0103 re\u021beaua local\u0103 la GCP VPC folosind un tunel IPSec. Tot traficul care traverseaz\u0103 internetul prin tunel este criptat. Sunt acceptate at\u00e2t cifrurile IKEv1, c\u00e2t \u0219i IKEv2. Conexiunea VPN necesit\u0103 un gateway VPN Cloud, un gateway VPN local \u0219i dou\u0103 tuneluri VPN care sunt configurate din perspectiva fiec\u0103rui gateway. O conexiune este stabilit\u0103 atunci c\u00e2nd sunt create ambele tuneluri. Gateway-ul local poate fi un dispozitiv hardware sau software. <\/p>\n\n\n\n<p>Exist\u0103 o cerin\u021b\u0103 special\u0103 ca MTU-ul gateway-ului dvs. local s\u0103 nu fie mai mare de 1.460 de octe\u021bi. VPN accept\u0103 at\u00e2t rute statice, c\u00e2t \u0219i dinamice. Rutele dinamice sunt gestionate de routerele din re\u021beaua VPC \u0219i folosesc <strong>Border Gateway Protocol (BGP)<\/strong>, \u00een timp ce rutele statice sunt create manual \u0219i accept\u0103 rutele urm\u0103toare.<\/p>\n\n\n\n<p>\u00cen acest moment, Google ofer\u0103 dou\u0103 tipuri de gateway VPN: <strong>VPN HA<\/strong> \u0219i <strong>VPN clasic<\/strong>:<\/p>\n\n\n\n<h3><strong>HA VPN<\/strong><\/h3>\n\n\n\n<p>Un VPN HA este o solu\u021bie VPN cu o disponibilitate ridicat\u0103, care ne permite s\u0103 ne conect\u0103m re\u021beaua local\u0103 la un VPC GCP \u00eentr-o singur\u0103 regiune. Fiind un serviciu cu o disponibilitate ridicat\u0103, un VPN HA ofer\u0103 un SLA (Service Level Agreement\/ Acord privind nivelul serviciilor) de 99,99% privind disponibilitatea serviciului. <\/p>\n\n\n\n<p>C\u00e2nd cre\u0103m acest tip de VPN, GCP creeaz\u0103 automat dou\u0103 adrese IP externe \u2013 una pentru fiecare dintre interfe\u021bele fixe \u0219i fiecare interfa\u021b\u0103 gateway VPN HA accept\u0103 mai multe tuneluri. Trebuie s\u0103 re\u021binem c\u0103 este posibil s\u0103 configura\u021bi un VPN HA cu o singur\u0103 interfa\u021b\u0103 activ\u0103 \u0219i un IP extern, \u00eens\u0103 aceasta nu va oferi SLA-ul men\u021bionat. Exist\u0103 unele cerin\u021be care trebuie s\u0103 fie \u00een vigoare pentru a atinge SLA-ul de disponibilitate de 99,99%. <\/p>\n\n\n\n<p>S\u0103 discut\u0103m despre asta \u00een mai multe detalii:<\/p>\n\n\n\n<ul><li>Disponibilitatea este garantat\u0103 numai pe partea Google Cloud a conexiunii, ceea ce \u00eenseamn\u0103 c\u0103 disponibilitatea end-to-end va depinde de configura\u021bia corect\u0103 a gateway-ului VPN peer. Dac\u0103 exist\u0103 configura\u021bia corect\u0103, atunci ambele p\u0103r\u021bi sunt gateway-uri Google Cloud \u0219i va fi garantat\u0103 disponibilitatea de la un cap\u0103t la altul la 99,99%. Pentru a ob\u021bine o disponibilitate ridicat\u0103 atunci c\u00e2nd ambele gateway-uri VPN sunt \u00een re\u021bele VPC, trebuie s\u0103 folosim dou\u0103 gateway-uri VPN HA \u0219i ambele trebuie s\u0103 fie \u00een aceea\u0219i regiune.<\/li><li>De\u0219i ambele gateway-uri trebuie s\u0103 fie \u00een aceea\u0219i regiune, dac\u0103 re\u021beaua noastr\u0103 VPC este configurat\u0103 pentru modul de <strong>rutare dinamic\u0103 global\u0103<\/strong>, rutele c\u0103tre subre\u021belele pe care gateway-urile le partajeaz\u0103 pot fi \u00een orice regiune. Dac\u0103 ne configuram re\u021beaua VPC pentru modul de <strong>rutare dinamic\u0103 regional\u0103<\/strong>, atunci numai rutele c\u0103tre subre\u021bele din aceea\u0219i regiune vor fi partajate cu re\u021beaua peer. Rutele \u00eenv\u0103\u021bate sunt aplicate numai subre\u021belelor din aceea\u0219i regiune cu tunelul VPN.<\/li><li><strong>VPN HA<\/strong> trebuie, de asemenea, s\u0103 resping\u0103 adresele IP Google Cloud dac\u0103 sunt configurate \u00eentr-o resurs\u0103 gateway VPN extern\u0103; de exemplu, folosind adresa IP extern\u0103 a unei instan\u021be VM ca adres\u0103 IP extern\u0103 pentru resursa gateway VPN extern\u0103. VPN HA trebuie utilizat pe ambele p\u0103r\u021bi ale unei re\u021bele Google Cloud pentru a ob\u021bine o topologie VPN HA pe deplin acceptat\u0103.<\/li><\/ul>\n\n\n\n<p>De asemenea, trebuie s\u0103 ne asigur\u0103m c\u0103 configur\u0103m dou\u0103 tuneluri VPN din perspectiva gateway-ului Cloud VPN. Aceasta vine cu cerin\u021be specifice, \u00een func\u021bie de designul nostru:<\/p>\n\n\n\n<ul><li><strong>Dou\u0103 dispozitive peer VPN gateway<\/strong>: aceast\u0103 configura\u021bie necesit\u0103 ca fiecare dintre tunelurile de la fiecare interfa\u021b\u0103 de pe gateway-ul Cloud VPN s\u0103 fie conectat la propriul s\u0103u gateway peer.<\/li><\/ul>\n\n\n\n<ul><li><strong>Dispozitivul gateway VPN peer unic cu dou\u0103 interfe\u021be<\/strong>: aceast\u0103 configura\u021bie necesit\u0103 ca fiecare dintre tunelurile de la fiecare interfa\u021b\u0103 de pe gateway-ul Cloud VPN s\u0103 fie conectat la propria interfa\u021b\u0103 pe gateway-ul peer.<\/li><\/ul>\n\n\n\n<ul><li><strong>Dispozitivul gateway VPN peer unic<\/strong> cu o singur\u0103 interfa\u021b\u0103: aceast\u0103 configura\u021bie necesit\u0103 ca ambele tuneluri de la fiecare interfa\u021b\u0103 de pe gateway-ul Cloud VPN s\u0103 fie conectate la aceea\u0219i interfa\u021b\u0103 pe gateway-ul peer<\/li><\/ul>\n\n\n\n<ul><li>Un dispozitiv VPN peer trebuie configurat cu redundan\u021ba corespunz\u0103toare. Furnizorul dispozitivului va specifica detaliile unei configura\u021bii redundante, iar aceasta poate diferi \u00een func\u021bie de furnizor.<\/li><\/ul>\n\n\n\n<ul><li>Dac\u0103 designul nostru necesit\u0103 dou\u0103 dispozitive peer, atunci fiecare dispozitiv peer ar trebui s\u0103 fie conectat la o interfa\u021b\u0103 gateway VPN HA diferit\u0103. Dac\u0103 partea peer este de la alt furnizor, de exemplu Azure, atunci conexiunile VPN ar trebui s\u0103 fie configurate cu redundan\u021b\u0103 corespunz\u0103toare \u0219i pe partea de Azure.<\/li><\/ul>\n\n\n\n<ul><li>De asemenea, dispozitivul nostru gateway VPN peer trebuie s\u0103 accepte rutare dinamic\u0103 (BGP).<\/li><\/ul>\n\n\n\n<p>Urm\u0103toarea diagram\u0103 prezint\u0103 conceptul HA VPN, ar\u0103t\u00e2nd o topologie care include cele dou\u0103 interfe\u021be ale unui gateway HA VPN conectat la dou\u0103 gateway-uri peer VPN:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p class=\"has-text-align-center\"><img width=\"737\" height=\"788\" src=\"https:\/\/lh7-eu.googleusercontent.com\/r1zK5IczfhVO-u7Mcs1Bp1Bx0l5NcHRTjJt2wsiS2Q9apDmWua_6c3URU5PurXGsL9O2CJaNTt3GK2yEcNDsBrk6ndlkpQnxnHlzQRzwxSBNx8nEZkikqYbST3aeO_bhnQMz0WDQHdUrpv1VkoZYrRo\"><\/p>\n\n\n\n<h2>Classic VPN\u00a0<\/h2>\n\n\n\n<p>Toate gateway-urile Cloud VPN create \u00eenainte de introducerea VPN HA sunt considerate gateway-uri VPN clasice.<\/p>\n\n\n\n<p>Gateway-urile VPN clasice au o singur\u0103 interfa\u021b\u0103 \u0219i o singur\u0103 adres\u0103 IP extern\u0103. Ace\u0219tia accept\u0103 tuneluri care utilizeaz\u0103 BGP sau rutare static\u0103 \u0219i vor oferi un SLA de disponibilitate a serviciilor de 99,9%.. De la finalul anului 2021, nu se mai poate folosi rutarea static\u0103 pentru a crea tuneluri VPN clasice care se conecteaz\u0103 la un alt gateway VPN clasic \u0219i nici s\u0103 conect\u0103m o re\u021bea VPC clasic\u0103 la o alt\u0103 re\u021bea de furnizor de cloud. De asemenea, nu ve\u021bi putea crea un nou tunel VPN clasic. Google ne \u00eencurajeaz\u0103 s\u0103 migram traficul de produc\u021bie c\u0103tre un VPC HA.<\/p>\n\n\n\n<p><strong>Tabel comparativ<\/strong><\/p>\n\n\n\n<p>Urm\u0103torul tabel compar\u0103 caracteristicile VPN HA cu caracteristicile VPN clasice:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Caracteristica<\/td><td>HA VPN<\/td><td>Classic VPN<\/td><\/tr><tr><td>SLA<\/td><td>Ofer\u0103 99,99% SLA pentru majoritatea topologiilor, cu c\u00e2teva excep\u021bii.<\/td><td>Ofer\u0103 un SLA de 99,9%.<\/td><\/tr><tr><td>Crearea de adrese IP externe \u0219i reguli de redirec\u021bionare<\/td><td>Adrese IP externe create dintr-un pool; nu sunt necesare reguli de transmitere.<\/td><td>Trebuie create adrese IP externe \u0219i reguli de redirec\u021bionare.<\/td><\/tr><tr><td>Op\u021biuni de rutare acceptate<\/td><td>Doar rutare dinamic\u0103 (BGP).<\/td><td>Rutare static\u0103 (pe baz\u0103 de politici, bazat\u0103 pe rut\u0103). Rutarea dinamic\u0103 este acceptat\u0103 numai pentru tunelurile care se conecteaz\u0103 la software-ul gateway VPN ter\u021b\u0103 parte care ruleaz\u0103 pe instan\u021bele VM Google Cloud.<\/td><\/tr><tr><td>Dou\u0103 tuneluri de la un gateway Cloud VPN la acela\u0219i gateway peer<\/td><td>Acceptat.<\/td><td>Nu este acceptat.<\/td><\/tr><tr><td>Conecta\u021bi un gateway Cloud VPN la VM Compute Engine cu adrese IP externe<\/td><td>Topologie acceptat\u0103 \u0219i recomandat\u0103. Pentru mai multe informa\u021bii, consulta\u021bi <a href=\"https:\/\/cloud.google.com\/network-connectivity\/docs\/vpn\/concepts\/topologies#vm-multi-zone\">Topologii VPN HA.<\/a><\/td><td>Acceptat.<\/td><\/tr><tr><td>Resurse API<\/td><td>Cunoscut\u0103 ca resursa vpn-gateway.<\/td><td>Cunoscut\u0103 ca resursa target-vpn-gateway.<\/td><\/tr><tr><td>Trafic IPv6<\/td><td>Acceptat (configura\u021bie dual stack IPv4 \u0219i IPv6)<\/td><td>Nu este acceptat.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2><strong>Cerin\u021be pentru a crea o conexiune \u00eentre Cloud VPN \u0219i on premises:<\/strong><\/h2>\n\n\n\n<p>Conectarea Cloud VPN cu on-premises \u00een GCP implic\u0103 stabilirea unei conexiuni sigure \u00eentre re\u021beaua local\u0103 \u0219i re\u021beaua Google Cloud Platform (GCP). Pentru a asigura o conexiune de succes \u0219i f\u0103r\u0103 \u00eentreruperi, trebuie \u00eendeplinite mai multe cerin\u021be.<\/p>\n\n\n\n<h3><strong>Cerin\u021be re\u021belei locale (on prem):<\/strong><\/h3>\n\n\n\n<ol><li>Re\u021bea local\u0103 rutabil\u0103: re\u021beaua dvs. local\u0103 trebuie s\u0103 fie conectat\u0103 direct la internetul public \u0219i s\u0103 aib\u0103 o adres\u0103 IP extern\u0103 static\u0103. Aceast\u0103 adres\u0103 IP va servi ca adres\u0103 IP a gateway-ului VPN peer, permi\u021b\u00e2nd comunicarea \u00eentre re\u021belele dvs. locale \u0219i GCP.<\/li><li>Activarea redirec\u021bion\u0103rii IP: redirec\u021bionarea IP trebuie s\u0103 fie activat\u0103 pe routerul dvs. local. Acest lucru permite routerului s\u0103 direc\u021bioneze traficul \u00eentre re\u021beaua local\u0103 \u0219i re\u021beaua GCP, asigur\u00e2nd un transfer de date f\u0103r\u0103 \u00eentreruperi.<\/li><li>Configurare subre\u021beaua VPN Gateway: crea\u021bi o subre\u021bea dedicat\u0103 \u00een re\u021beaua local\u0103 pentru a servi drept subre\u021bea VPN Gateway. Aceast\u0103 subre\u021bea va g\u0103zdui dispozitivul VPN gateway, responsabil pentru stabilirea \u0219i men\u021binerea conexiunii tunelului VPN.<\/li><\/ol>\n\n\n\n<h3 id=\"h-cerin-ele-re-elei-gcp\">Cerin\u021bele re\u021belei GCP<\/h3>\n\n\n\n<ul><li>Re\u021bea VPC: ve\u021bi avea nevoie de o re\u021bea VPC \u00een GCP pe care dori\u021bi s\u0103 o conecta\u021bi la re\u021beaua local\u0103. Aceast\u0103 re\u021bea ar trebui s\u0103 aib\u0103 resursele necesare, cum ar fi subre\u021bele, tabele de rutare \u0219i firewall-uri, pentru a facilita conexiunea VPN.<\/li><li>Alocarea subre\u021belei VPN Gateway: Aloca\u021bi o subre\u021bea dedicat\u0103 \u00een re\u021beaua dvs. GCP VPC pentru a g\u0103zdui dispozitivul GCP VPN gateway. Aceast\u0103 subre\u021bea va ac\u021biona ca omologul gateway-ului VPN din re\u021beaua dvs. local\u0103, permi\u021b\u00e2nd comunicarea securizat\u0103 \u00eentre cele dou\u0103 re\u021bele.<\/li><li>Adres\u0103 IP public\u0103 static\u0103: ob\u021bine\u021bi o adres\u0103 IP public\u0103 static\u0103 pentru dispozitivul gateway VPN GCP. Aceast\u0103 adres\u0103 IP va fi utilizat\u0103 de gateway-ul VPN local pentru a stabili o conexiune securizat\u0103 cu gateway-ul VPN GCP.<\/li><\/ul>\n\n\n\n<h3><strong>Reguli pentru firewall:<\/strong><\/h3>\n\n\n\n<ul><li>Reguli de firewall de re\u021bea local\u0103: implementa\u021bi reguli de firewall \u00een re\u021beaua dvs. local\u0103 pentru a permite traficul specific din re\u021beaua GCP, cum ar fi traficul web sau accesul la baza de date. Acest lucru asigur\u0103 c\u0103 numai traficului autorizat i se permite s\u0103 traverseze tunelul VPN.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/li><li>Reguli&nbsp; firewall de re\u021bea GCP: configura\u021bi reguli de firewall \u00een re\u021beaua dvs. GCP pentru a permite traficul din re\u021beaua local\u0103, urm\u00e2nd acela\u0219i principiu de a permite numai traficul autorizat.<\/li><\/ul>\n\n\n\n<h3><strong>Configura\u021bia tunelului VPN:<\/strong><\/h3>\n\n\n\n<ul><li>Crearea tunelului VPN: stabili\u021bi un tunel VPN \u00eentre gateway-urile VPN din re\u021beaua local\u0103 \u0219i re\u021beaua GCP. Acest tunel va cripta \u0219i \u00eencapsula traficul, asigur\u00e2nd o comunicare sigur\u0103 \u00eentre cele dou\u0103 re\u021bele.<\/li><li>Selec\u021bia protocolului VPN: alege\u021bi un protocol VPN adecvat, cum ar fi IPsec, pentru a stabili tunelul VPN. Aceste protocoale asigur\u0103 transmisie de date sigur\u0103 \u0219i fiabil\u0103 prin internetul public.<\/li><li>Criptare VPN: implementa\u021bi algoritmi de criptare puternici, cum ar fi AES-256, pentru a proteja datele schimbate prin tunelul VPN. Acest lucru protejeaz\u0103 informa\u021biile sensibile \u00eempotriva intercept\u0103rii sau accesului neautorizat.<\/li><\/ul>\n\n\n\n<p>\u00cendeplinind aceste cerin\u021be, pute\u021bi stabili o conexiune Cloud VPN sigur\u0103 \u0219i fiabil\u0103 \u00eentre re\u021beaua local\u0103 \u0219i GCP, permi\u021b\u00e2nd transferul de date f\u0103r\u0103 \u00eentreruperi \u0219i o conectivitate \u00eembun\u0103t\u0103\u021bit\u0103 la re\u021bea.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mediile cloud hibride sunt o solu\u021bie pentru companiile care doresc s\u0103 \u00ee\u0219i modernizeze infrastructura IT f\u0103r\u0103 a risca securitatea \u0219i fiabilitatea sistemelor lor existente. Google Cloud ofer\u0103 o suit\u0103 cuprinz\u0103toare de solu\u021bii de conectivitate hibrid\u0103. Acestea r\u0103spund nevoilor diverse ale companiilor, variind de la op\u021biuni VPN cu costuri reduse p\u00e2n\u0103 la interconect\u0103ri dedicate. Sunt solu\u021bii&#8230;<\/p>\n","protected":false},"author":19,"featured_media":135029,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_editorskit_title_hidden":false,"_editorskit_reading_time":7,"_editorskit_typography_data":[],"_editorskit_blocks_typography":"","_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}"},"categories":[562],"tags":[1102],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v16.7 (Yoast SEO v19.6) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/\" \/>\n<meta property=\"og:locale\" content=\"ro_RO\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN\" \/>\n<meta property=\"og:description\" content=\"Mediile cloud hibride sunt o solu\u021bie pentru companiile care doresc s\u0103 \u00ee\u0219i modernizeze infrastructura IT f\u0103r\u0103 a risca securitatea \u0219i fiabilitatea sistemelor lor existente. Google Cloud ofer\u0103 o suit\u0103 cuprinz\u0103toare de solu\u021bii de conectivitate hibrid\u0103. Acestea r\u0103spund nevoilor diverse ale companiilor, variind de la op\u021biuni VPN cu costuri reduse p\u00e2n\u0103 la interconect\u0103ri dedicate. Sunt solu\u021bii...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/\" \/>\n<meta property=\"og:site_name\" content=\"FOTC\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-31T13:27:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-31T13:27:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/fotc.com\/app\/uploads\/2024\/01\/BLOG_GCP_RO.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Laura Paraschiv\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/\",\"url\":\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/\",\"name\":\"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN\",\"isPartOf\":{\"@id\":\"https:\/\/fotc.com\/#website\"},\"datePublished\":\"2024-01-31T13:27:35+00:00\",\"dateModified\":\"2024-01-31T13:27:37+00:00\",\"author\":{\"@id\":\"https:\/\/fotc.com\/#\/schema\/person\/e3a6b214e5a3311a79985b4c3dd137fd\"},\"breadcrumb\":{\"@id\":\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/#breadcrumb\"},\"inLanguage\":\"ro-RO\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"RO\",\"item\":\"https:\/\/fotc.com\/ro\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google Cloud\",\"item\":\"https:\/\/fotc.com\/ro\/blog\/category\/google-cloud-platform-ro\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Op\u021biuni de conectivitate hibrid\u0103 \u00een Google Cloud: Cloud VPN\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/fotc.com\/#website\",\"url\":\"https:\/\/fotc.com\/\",\"name\":\"FOTC\",\"description\":\"Partner Google Cloud\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/fotc.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"ro-RO\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/fotc.com\/#\/schema\/person\/e3a6b214e5a3311a79985b4c3dd137fd\",\"name\":\"Laura Paraschiv\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ro-RO\",\"@id\":\"https:\/\/fotc.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cba586d4f1373c8f4c7a30c466e1a6a0?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cba586d4f1373c8f4c7a30c466e1a6a0?s=96&d=mm&r=g\",\"caption\":\"Laura Paraschiv\"},\"description\":\"Laura Paraschiv are peste 5 ani de activitate ca jurnalist \u0219i al\u021bi 5 ani experien\u021b\u0103 de content writer \u0219i marketer. Nu are nicio problem\u0103 \u00een a scrie pentru orice public sau industrie, dar mai mereu se b\u00e2lb\u00e2ie c\u00e2nd trebuie s\u0103 scrie despre sine.\",\"sameAs\":[\"https:\/\/ro.linkedin.com\/in\/laura-teodora-paraschiv\"],\"knowsAbout\":[\"Google Workspace\",\"Google Cloud\"],\"jobTitle\":\"Content Manager\",\"url\":\"https:\/\/fotc.com\/ro\/blog\/author\/laura-paraschiv\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/","og_locale":"ro_RO","og_type":"article","og_title":"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN","og_description":"Mediile cloud hibride sunt o solu\u021bie pentru companiile care doresc s\u0103 \u00ee\u0219i modernizeze infrastructura IT f\u0103r\u0103 a risca securitatea \u0219i fiabilitatea sistemelor lor existente. Google Cloud ofer\u0103 o suit\u0103 cuprinz\u0103toare de solu\u021bii de conectivitate hibrid\u0103. Acestea r\u0103spund nevoilor diverse ale companiilor, variind de la op\u021biuni VPN cu costuri reduse p\u00e2n\u0103 la interconect\u0103ri dedicate. Sunt solu\u021bii...","og_url":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/","og_site_name":"FOTC","article_published_time":"2024-01-31T13:27:35+00:00","article_modified_time":"2024-01-31T13:27:37+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/fotc.com\/app\/uploads\/2024\/01\/BLOG_GCP_RO.png","type":"image\/png"}],"author":"Laura Paraschiv","twitter_card":"summary_large_image","twitter_title":"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/","url":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/","name":"Valorifica\u021bi conectivitatea hibird\u0103 \u00een Google Cloud cu Cloud VPN","isPartOf":{"@id":"https:\/\/fotc.com\/#website"},"datePublished":"2024-01-31T13:27:35+00:00","dateModified":"2024-01-31T13:27:37+00:00","author":{"@id":"https:\/\/fotc.com\/#\/schema\/person\/e3a6b214e5a3311a79985b4c3dd137fd"},"breadcrumb":{"@id":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/#breadcrumb"},"inLanguage":"ro-RO","potentialAction":[{"@type":"ReadAction","target":["https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/fotc.com\/ro\/blog\/conectivitate-hibrida-google-cloud-vpn\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"RO","item":"https:\/\/fotc.com\/ro\/"},{"@type":"ListItem","position":2,"name":"Google Cloud","item":"https:\/\/fotc.com\/ro\/blog\/category\/google-cloud-platform-ro\/"},{"@type":"ListItem","position":3,"name":"Op\u021biuni de conectivitate hibrid\u0103 \u00een Google Cloud: Cloud VPN"}]},{"@type":"WebSite","@id":"https:\/\/fotc.com\/#website","url":"https:\/\/fotc.com\/","name":"FOTC","description":"Partner Google Cloud","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/fotc.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"ro-RO"},{"@type":"Person","@id":"https:\/\/fotc.com\/#\/schema\/person\/e3a6b214e5a3311a79985b4c3dd137fd","name":"Laura Paraschiv","image":{"@type":"ImageObject","inLanguage":"ro-RO","@id":"https:\/\/fotc.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cba586d4f1373c8f4c7a30c466e1a6a0?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cba586d4f1373c8f4c7a30c466e1a6a0?s=96&d=mm&r=g","caption":"Laura Paraschiv"},"description":"Laura Paraschiv are peste 5 ani de activitate ca jurnalist \u0219i al\u021bi 5 ani experien\u021b\u0103 de content writer \u0219i marketer. Nu are nicio problem\u0103 \u00een a scrie pentru orice public sau industrie, dar mai mereu se b\u00e2lb\u00e2ie c\u00e2nd trebuie s\u0103 scrie despre sine.","sameAs":["https:\/\/ro.linkedin.com\/in\/laura-teodora-paraschiv"],"knowsAbout":["Google Workspace","Google Cloud"],"jobTitle":"Content Manager","url":"https:\/\/fotc.com\/ro\/blog\/author\/laura-paraschiv\/"}]}},"_links":{"self":[{"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/posts\/135028"}],"collection":[{"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/users\/19"}],"replies":[{"embeddable":true,"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/comments?post=135028"}],"version-history":[{"count":0,"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/posts\/135028\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/media\/135029"}],"wp:attachment":[{"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/media?parent=135028"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/categories?post=135028"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fotc.com\/ro\/wp-json\/wp\/v2\/tags?post=135028"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}