diff --git a/iaas/google-cloud-platform/gcp-vpn-config-for-cisco-asaasav.mdx b/iaas/google-cloud-platform/gcp-vpn-config-for-cisco-asaasav.mdx index 303fd04..abab69c 100644 --- a/iaas/google-cloud-platform/gcp-vpn-config-for-cisco-asaasav.mdx +++ b/iaas/google-cloud-platform/gcp-vpn-config-for-cisco-asaasav.mdx @@ -181,7 +181,7 @@ This is the IP address of the public network of your MacStadium private cloud. B **\{ macstadium_outside_interface }** -This is the name of the private network in MacStadium that needs to be accessed by GCP. By default, this is Outside. +This is the name of the outside interface of your Cisco ASA/ASAv device. By default, this is Outside. **\{ shared_key }** diff --git a/iaas/google-cloud-platform/google-cloud-networking-setup.mdx b/iaas/google-cloud-platform/google-cloud-networking-setup.mdx index e213d05..3947085 100644 --- a/iaas/google-cloud-platform/google-cloud-networking-setup.mdx +++ b/iaas/google-cloud-platform/google-cloud-networking-setup.mdx @@ -4,9 +4,11 @@ description: "To establish a stable, persistent connection between a Google Clou zendesk_id: 28300901563163 --- -To establish a stable, persistent connection between a Google Cloud Platform (GCP) private cloud and your MacStadium private cloud, you need to configure a policy-based IPsec site-to-site VPN between the two clouds. +To establish a stable, persistent connection between a Google Cloud Platform (GCP) private cloud and your MacStadium private cloud, you need to configure an IPsec site-to-site VPN between the two clouds. -Currently, you can create only a classic VPN connection with policy-based routing from GCP to MacStadium. It consists of one tunnel and one interface and does not provide high availability. For more information about this option, see [Google Cloud Documentation: Classic VPN](https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn#classic-vpn). +This guide covers the Classic VPN connection with policy-based routing. It consists of one tunnel and one interface and does not provide high availability. For more information about this option, see [Google Cloud Documentation: Classic VPN](https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn#classic-vpn). + +For HA VPN with BGP routing and high availability, see [Site-to-Site VPN Configuration with GCP](/iaas/google-cloud-platform/site-to-site-vpn-configuration-with-gcp). To create a site-to-site VPN from your GCP private cloud to your MacStadium private cloud, you need to go through the following high-level steps: @@ -41,8 +43,6 @@ If you don't have a classic VPN gateway that you want to use, complete the follo 3. Select Classic VPN and click Continue. - * The High-availability (HA) VPN is currently not supported as an option. For more information about the available options, see [Google Cloud Documentation: Choosing a VPN option](https://cloud.google.com/vpn/docs/how-to/choosing-a-vpn). - 4. In the Google Compute Engine VPN gateway section, provide Name and Description. 5. For Network, select the GCP network that needs to be able to access MacStadium. diff --git a/iaas/google-cloud-platform/verify-gcp.mdx b/iaas/google-cloud-platform/verify-gcp.mdx index f57ee18..46aaa8b 100644 --- a/iaas/google-cloud-platform/verify-gcp.mdx +++ b/iaas/google-cloud-platform/verify-gcp.mdx @@ -18,11 +18,11 @@ After you have completed both the Google Cloud Platform (GCP) and the MacStadium ``` -show crypto isakmp sa +show crypto ikev2 sa ``` -If the site-to-site VPN connection is configured properly, you should see information about an active IKEv1. +If the site-to-site VPN connection is configured properly, you should see information about an active IKEv2 security association. -For more information about this verification command, see [Cisco Documentation: show crypto isakmp sa](https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#isakmp_sa). +For more information about this verification command, see [Cisco Documentation: show crypto ikev2 sa](https://www.cisco.com/c/en/us/td/docs/security/asa/asa-cli-reference/S/asa-command-ref-S/sh_cr-shcrip.html). ## Verify that there is an IPsec security association between peers