OpenVPN on Google Compute Engine – what route am I missing

google-cloud-platform

I have installed OpenVPN on other VPS providers, and wanted to try out Google's. I like Google's price/performance, and especially because I can spin up the machines from my phone without logging in every time.

I've got it to the point where the client connects but can't get out to the internet.

I have opened up the firewall to the OpenVPN port.
I have enabled IP forwarding on the virtual machine.
The client gets an IP, Gateway, DNS – all the right stuff – when connected.

I suspect I have to build a router and/or a route in order for the packets to get from the OpenVPN instance to the world. I have read the documentation very well, but I'm stuck – I'm not a network guru yet, still learning as I go.
Through reading it looks like I can transform the network into what they call the "legacy" structure, but I'd like to be able to overcome this challenge and understand what's going on. I think it's because the network is broken into many different subnets, compared to just 1 network behind the firewall (i.e. Legacy).

Looking at a map in my mind, my OpenVPN is sending the data to its subnet's Gateway, but from there I think the packets get dropped. I must need a route from the subnet gateway to the internet? Or even a full router between subnet and internet?

Like I said, I've used OpenVPN Virtual machines before, no problem. So I'm very confident that the issue lies within configuring the Google Cloud network.

Thanks for any tips.

Best Answer

This fixed it:

iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Still not sure why I had to do it, maybe Google's Debian image is more locked-down than the standard Debian instance.

No other Google Cloud network changes were needed.
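
A way to check the two host-side settings this thread relies on (IP forwarding and the NAT rule from the answer), as an added example that is not part of the original post. The function names and the sample rule listings are constructed for illustration; the subnet 10.8.0.0/24 and interface eth0 come from the answer.

```shell
#!/bin/sh
# Added example. Subnet and interface are the ones used in the answer above.
VPN_NET="10.8.0.0/24"
WAN_IF="eth0"

# Reads `iptables-save -t nat` text on stdin; succeeds only if a POSTROUTING
# rule masquerades exactly source $1 out of interface $2.
has_masquerade() {
    awk -v net="$1" -v ifc="$2" '
        $1 == "-A" && $2 == "POSTROUTING" {
            s = ""; o = ""; j = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-o") o = $(i + 1)
                if ($i == "-j") j = $(i + 1)
            }
            if (s == net && o == ifc && j == "MASQUERADE") found = 1
        }
        END { exit !found }'
}

# Succeeds if the kernel forwards IPv4 (file path overridable for testing).
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]
}

# Live check on the VPN host (needs root for iptables-save).
check_host() {
    forwarding_enabled || echo "net.ipv4.ip_forward is not 1"
    iptables-save -t nat | has_masquerade "$VPN_NET" "$WAN_IF" \
        || echo "no MASQUERADE rule for $VPN_NET out of $WAN_IF"
}

# Constructed samples of `iptables-save -t nat` output, for offline use.
SAMPLE_OK='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT'
SAMPLE_MISSING='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT'

if [ "${1:-}" = "--live" ]; then
    check_host
else
    printf '%s\n' "$SAMPLE_OK" | has_masquerade "$VPN_NET" "$WAN_IF" && echo "sample: rule present"
fi
```

A rule inserted with `iptables -I` is not kept across a reboot unless it is saved, so the `--live` check is worth running again after the instance restarts.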
